80bace725ba36d7cb75500186993b315cf00a9605132875c6cf30bd891303d48 | Triage

Sharing

General

Target

fb269c88ebde14794af4abf4eac68aa0_JaffaCakes118
Size

322KB
Sample

240928-agh6rswhlr
MD5

fb269c88ebde14794af4abf4eac68aa0
SHA1

4de107213ea7fb0140fabc958a6d19bd57fe0aed
SHA256

80bace725ba36d7cb75500186993b315cf00a9605132875c6cf30bd891303d48
SHA512

464b6353e41348a298d198f3f920d6d96f77329152575416df58646f0dc62f64f7668beeffcf6d70260604fcbff3d15002993d0599f5fa5e6ebdf861aec663d3
SSDEEP

6144:XQoivUntsjzrDFpj6UgX/M73j1ruJXjYCnrIsSnLbyABKIW5/AN7:gjvUntazrv5YM3tmXjZMQ7U7

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  fb269c88ebde14794af4abf4eac68aa0_JaffaCakes118
- Size
  
  322KB
- MD5
  
  fb269c88ebde14794af4abf4eac68aa0
- SHA1
  
  4de107213ea7fb0140fabc958a6d19bd57fe0aed
- SHA256
  
  80bace725ba36d7cb75500186993b315cf00a9605132875c6cf30bd891303d48
- SHA512
  
  464b6353e41348a298d198f3f920d6d96f77329152575416df58646f0dc62f64f7668beeffcf6d70260604fcbff3d15002993d0599f5fa5e6ebdf861aec663d3
- SSDEEP
  
  6144:XQoivUntsjzrDFpj6UgX/M73j1ruJXjYCnrIsSnLbyABKIW5/AN7:gjvUntazrv5YM3tmXjZMQ7U7
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2