e57688ae28a484a3c00eae067827d08ccd50914c7ddde40853eb4f7dd9734075 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2e15a7448636f87be9f8ad55f9db01de_JaffaCakes118
Size

96KB
Sample

241009-klen9athlb
MD5

2e15a7448636f87be9f8ad55f9db01de
SHA1

5147a652db629e85b775c53be3ad5b33dfa1a7ba
SHA256

e57688ae28a484a3c00eae067827d08ccd50914c7ddde40853eb4f7dd9734075
SHA512

154b1ba0c21206e435938d8443fb31e74a26f49840bf2c77b328d73cad2f4c8b582c40e8c9ef6838f2185f51b71bfc06e729cc3f4fe9b4c2c2559815d8887b13
SSDEEP

1536:F2XJ0Xb8lLjW7fZ2Dndvp4WW8AI497oA9NbMhbO1IeOWzE/9i/:0zfW84p79L9NbMdO1uQ/

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  2e15a7448636f87be9f8ad55f9db01de_JaffaCakes118
- Size
  
  96KB
- MD5
  
  2e15a7448636f87be9f8ad55f9db01de
- SHA1
  
  5147a652db629e85b775c53be3ad5b33dfa1a7ba
- SHA256
  
  e57688ae28a484a3c00eae067827d08ccd50914c7ddde40853eb4f7dd9734075
- SHA512
  
  154b1ba0c21206e435938d8443fb31e74a26f49840bf2c77b328d73cad2f4c8b582c40e8c9ef6838f2185f51b71bfc06e729cc3f4fe9b4c2c2559815d8887b13
- SSDEEP
  
  1536:F2XJ0Xb8lLjW7fZ2Dndvp4WW8AI497oA9NbMhbO1IeOWzE/9i/:0zfW84p79L9NbMdO1uQ/
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence