12fa324d10328861f0b5cb6787edbb940f911aa2e673a259dc1a3347f45a6cea | Triage

Sharing

General

Target

f4259cdbfceeef6bc47d18f09601c0a1_JaffaCakes118
Size

148KB
Sample

240924-vyv7wayejc
MD5

f4259cdbfceeef6bc47d18f09601c0a1
SHA1

ecf6943792e4ce42c6751e6a7ef2fa6aa2548543
SHA256

12fa324d10328861f0b5cb6787edbb940f911aa2e673a259dc1a3347f45a6cea
SHA512

87315909b55fe43545f18d7f79a72782619309c16fd66d1f3fcb6b1274049e4b658baac6d3348d143c399e79f6c853cf560555804ab14f95b2aec24915e88ba2
SSDEEP

3072:f/nODbx/iAI02gUZhZ1sRg4AEkMip5Or7hmhuro:f/Eb1TwZhZ2Rg4vs5imks

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  f4259cdbfceeef6bc47d18f09601c0a1_JaffaCakes118
- Size
  
  148KB
- MD5
  
  f4259cdbfceeef6bc47d18f09601c0a1
- SHA1
  
  ecf6943792e4ce42c6751e6a7ef2fa6aa2548543
- SHA256
  
  12fa324d10328861f0b5cb6787edbb940f911aa2e673a259dc1a3347f45a6cea
- SHA512
  
  87315909b55fe43545f18d7f79a72782619309c16fd66d1f3fcb6b1274049e4b658baac6d3348d143c399e79f6c853cf560555804ab14f95b2aec24915e88ba2
- SSDEEP
  
  3072:f/nODbx/iAI02gUZhZ1sRg4AEkMip5Or7hmhuro:f/Eb1TwZhZ2Rg4vs5imks
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence