89da30bfda006fec9d3a56c51c46b42475a863837f5fba4f666986902282ea4c | Triage

Sharing

General

Target

eac1d8dd18690305e8b87cd16b266143_JaffaCakes118
Size

19KB
Sample

240919-g7cv1avfrk
MD5

eac1d8dd18690305e8b87cd16b266143
SHA1

3ba4aa1dbf37836d3ecfad4797d2fc47c709a39e
SHA256

89da30bfda006fec9d3a56c51c46b42475a863837f5fba4f666986902282ea4c
SHA512

532e8a773e8ccb7548249032d08759eb4c0a68b9a2631860cf14e301d5f5ef170d763d5e44fbb9c2bab5633c137b92ec587a099dc7dabdf1001e1509906049d1
SSDEEP

384:GRRQ2GOuFI7b4uNfNHfErDOdW62cQp3tKE9ELUw16e7h1pE/MXyz:KQ2Dn4QNMuDLuVELUm6e7hXyz

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  eac1d8dd18690305e8b87cd16b266143_JaffaCakes118
- Size
  
  19KB
- MD5
  
  eac1d8dd18690305e8b87cd16b266143
- SHA1
  
  3ba4aa1dbf37836d3ecfad4797d2fc47c709a39e
- SHA256
  
  89da30bfda006fec9d3a56c51c46b42475a863837f5fba4f666986902282ea4c
- SHA512
  
  532e8a773e8ccb7548249032d08759eb4c0a68b9a2631860cf14e301d5f5ef170d763d5e44fbb9c2bab5633c137b92ec587a099dc7dabdf1001e1509906049d1
- SSDEEP
  
  384:GRRQ2GOuFI7b4uNfNHfErDOdW62cQp3tKE9ELUw16e7h1pE/MXyz:KQ2Dn4QNMuDLuVELUm6e7hXyz
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence