91e48959cf21cd7d0d11b048d5999fd6a52324b676538f1369cb489bbdd1742d | Triage

Sharing

General

Target

07c3493d1432f925f8d6d006e125530a_JaffaCakes118
Size

2.1MB
Sample

241001-2wtplavdmj
MD5

07c3493d1432f925f8d6d006e125530a
SHA1

a03c3d303c82e22cf8dc936049cf07d5059d8ff5
SHA256

91e48959cf21cd7d0d11b048d5999fd6a52324b676538f1369cb489bbdd1742d
SHA512

3934aa538a88e858d108d960901a9952e50ddfad22245a5670427739f2890790e13e944cb6ea5eaac3a745b72a296057b29109e9ce7e08eb1b66c876758a1591
SSDEEP

24576:LSihcj6jBSt/PHuuZSd4TxydEBv6iKnPWp5pGpLeYGqr+4cvJK+xlzlVNm:Lv/

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  07c3493d1432f925f8d6d006e125530a_JaffaCakes118
- Size
  
  2.1MB
- MD5
  
  07c3493d1432f925f8d6d006e125530a
- SHA1
  
  a03c3d303c82e22cf8dc936049cf07d5059d8ff5
- SHA256
  
  91e48959cf21cd7d0d11b048d5999fd6a52324b676538f1369cb489bbdd1742d
- SHA512
  
  3934aa538a88e858d108d960901a9952e50ddfad22245a5670427739f2890790e13e944cb6ea5eaac3a745b72a296057b29109e9ce7e08eb1b66c876758a1591
- SSDEEP
  
  24576:LSihcj6jBSt/PHuuZSd4TxydEBv6iKnPWp5pGpLeYGqr+4cvJK+xlzlVNm:Lv/
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Program crash
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2