51e45fa73c7c62a5559da9bfccd7e7658cfb1ed559bd27e4c6a59538270fc3f9 | Triage

Sharing

General

Target

fc0b49e82cb77f84cd663548b5b5f96c_JaffaCakes118
Size

1.1MB
Sample

240928-lxcvgazapj
MD5

fc0b49e82cb77f84cd663548b5b5f96c
SHA1

375f9778388d61b9da8fa0500feb78be651f0981
SHA256

51e45fa73c7c62a5559da9bfccd7e7658cfb1ed559bd27e4c6a59538270fc3f9
SHA512

c016d9894da5da547073cd9c75272f25e791be57ac333240eb447edd71b1d21f7da274184e52be632d34ff0427daba010cf3a66748646ca13f4146193599b4ea
SSDEEP

24576:N+m20QqaShpkZSdzcGtn9QUKD7F9nd4XC2/m4nFlF:/faShBG9Jf4yenh

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  fc0b49e82cb77f84cd663548b5b5f96c_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  fc0b49e82cb77f84cd663548b5b5f96c
- SHA1
  
  375f9778388d61b9da8fa0500feb78be651f0981
- SHA256
  
  51e45fa73c7c62a5559da9bfccd7e7658cfb1ed559bd27e4c6a59538270fc3f9
- SHA512
  
  c016d9894da5da547073cd9c75272f25e791be57ac333240eb447edd71b1d21f7da274184e52be632d34ff0427daba010cf3a66748646ca13f4146193599b4ea
- SSDEEP
  
  24576:N+m20QqaShpkZSdzcGtn9QUKD7F9nd4XC2/m4nFlF:/faShBG9Jf4yenh
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence