238f2a8480e08078ab0648747aa86e0c5254af41059b35b077c375b4daaa6aaa | Triage

Sharing

General

Target

065acbb7726c34a2aec274a23f63e6eb_JaffaCakes118
Size

960KB
Sample

241001-sx2l6a1arb
MD5

065acbb7726c34a2aec274a23f63e6eb
SHA1

777e53adabb7c13726c97aa4fa1161d561a8c829
SHA256

238f2a8480e08078ab0648747aa86e0c5254af41059b35b077c375b4daaa6aaa
SHA512

051f88daf1dc30ad3246223589c9607941467175d6784ed20485c7767c386916ad8d50d9baef16e919526eb10cb18e486c1eeae751b412a6c1ca510f70586ea5
SSDEEP

24576:96YJes5NEdkQNIIut/csVFheNCXWOy2ylWof92QpawDR1hSVP+C:8g4dpI/ljheoX1y28NwzwDR1hSMC

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  065acbb7726c34a2aec274a23f63e6eb_JaffaCakes118
- Size
  
  960KB
- MD5
  
  065acbb7726c34a2aec274a23f63e6eb
- SHA1
  
  777e53adabb7c13726c97aa4fa1161d561a8c829
- SHA256
  
  238f2a8480e08078ab0648747aa86e0c5254af41059b35b077c375b4daaa6aaa
- SHA512
  
  051f88daf1dc30ad3246223589c9607941467175d6784ed20485c7767c386916ad8d50d9baef16e919526eb10cb18e486c1eeae751b412a6c1ca510f70586ea5
- SSDEEP
  
  24576:96YJes5NEdkQNIIut/csVFheNCXWOy2ylWof92QpawDR1hSVP+C:8g4dpI/ljheoX1y28NwzwDR1hSMC
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence