2ab5cee7daac67562f8c9c40513283b69e3406fe99ce34f6181b494ca5ca576a | Triage

Sharing

General

Target

f52b9c5681d3f4fa05188c39ada8a2cd_JaffaCakes118
Size

124KB
Sample

240925-eyraxsxhke
MD5

f52b9c5681d3f4fa05188c39ada8a2cd
SHA1

97bb98950817d877405f743daf4148a3c5c9014e
SHA256

2ab5cee7daac67562f8c9c40513283b69e3406fe99ce34f6181b494ca5ca576a
SHA512

2355f7a314ebb43f8859fe7bd4096d6ec46708224557b682a8559f8586b0be3cc95a1b2ee0408e759fe36d8f2f4afb99a8b6a90bad53280f004fffa3409f6e08
SSDEEP

1536:4MUFSFoINm79U4fIAthA081qWMdItmNzxoUpocSYqwT7M91BBZpoumYWlpaW+VR:jDFc24fIALA11qWM6teqg/h7OfTiUf

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  f52b9c5681d3f4fa05188c39ada8a2cd_JaffaCakes118
- Size
  
  124KB
- MD5
  
  f52b9c5681d3f4fa05188c39ada8a2cd
- SHA1
  
  97bb98950817d877405f743daf4148a3c5c9014e
- SHA256
  
  2ab5cee7daac67562f8c9c40513283b69e3406fe99ce34f6181b494ca5ca576a
- SHA512
  
  2355f7a314ebb43f8859fe7bd4096d6ec46708224557b682a8559f8586b0be3cc95a1b2ee0408e759fe36d8f2f4afb99a8b6a90bad53280f004fffa3409f6e08
- SSDEEP
  
  1536:4MUFSFoINm79U4fIAthA081qWMdItmNzxoUpocSYqwT7M91BBZpoumYWlpaW+VR:jDFc24fIALA11qWM6teqg/h7OfTiUf
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence