82ea7cf27d035ca8a72bcb63b6890862713cd0103fae49ea6970a9671b2480b9 | Triage

Sharing

General

Target

f0c02fc1904027b46dfbc135c4444745_JaffaCakes118
Size

690KB
Sample

240921-2kdh8sxhqk
MD5

f0c02fc1904027b46dfbc135c4444745
SHA1

a0d2a0facc8d1308dbbfac5382331d9b3ec89d2a
SHA256

82ea7cf27d035ca8a72bcb63b6890862713cd0103fae49ea6970a9671b2480b9
SHA512

5bf2e954b64ddf73881b2371f534202d91425580a46292a338903b9c498c883a005e807b9d423ec80eeeff587ef277599b08c35f1719e686371a481e81fa41d3
SSDEEP

12288:sc0uk3fffvUTFTvpR3arb2r0JMD/ZqyE47ogJEogEf0pfqU3hQcM:li3fnvqRvpk+r2MUQoIvf0pyU+

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  f0c02fc1904027b46dfbc135c4444745_JaffaCakes118
- Size
  
  690KB
- MD5
  
  f0c02fc1904027b46dfbc135c4444745
- SHA1
  
  a0d2a0facc8d1308dbbfac5382331d9b3ec89d2a
- SHA256
  
  82ea7cf27d035ca8a72bcb63b6890862713cd0103fae49ea6970a9671b2480b9
- SHA512
  
  5bf2e954b64ddf73881b2371f534202d91425580a46292a338903b9c498c883a005e807b9d423ec80eeeff587ef277599b08c35f1719e686371a481e81fa41d3
- SSDEEP
  
  12288:sc0uk3fffvUTFTvpR3arb2r0JMD/ZqyE47ogJEogEf0pfqU3hQcM:li3fnvqRvpk+r2MUQoIvf0pyU+
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence