e5165924d99fe61170addb988706af806acda9329e209c3bfb76bd81396c2d19 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26cbdcf90cc17c2f484304607bc5f304_JaffaCakes118
Size

1.1MB
Sample

241008-21415awelq
MD5

26cbdcf90cc17c2f484304607bc5f304
SHA1

1543209ad50bb99664350f93440026093e56cf30
SHA256

e5165924d99fe61170addb988706af806acda9329e209c3bfb76bd81396c2d19
SHA512

b5bd5341127333248e8f47c86e61e617e8017500188d0d8553ae437e8cd60855050789392ff5d69b2da28c8e1ed6d672cfaabf67d1fbab5f7eac6e1f95fb9f90
SSDEEP

24576:llNK7zqNMQnNrdZomkksEmdczMf5/m5I40paHmW5pP0wY:ll7Nv3PaILSWl

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  26cbdcf90cc17c2f484304607bc5f304_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  26cbdcf90cc17c2f484304607bc5f304
- SHA1
  
  1543209ad50bb99664350f93440026093e56cf30
- SHA256
  
  e5165924d99fe61170addb988706af806acda9329e209c3bfb76bd81396c2d19
- SHA512
  
  b5bd5341127333248e8f47c86e61e617e8017500188d0d8553ae437e8cd60855050789392ff5d69b2da28c8e1ed6d672cfaabf67d1fbab5f7eac6e1f95fb9f90
- SSDEEP
  
  24576:llNK7zqNMQnNrdZomkksEmdczMf5/m5I40paHmW5pP0wY:ll7Nv3PaILSWl
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2