d714d95af32b071b69bb627820ef2eaef630889c3bfd5c5fab99ead7dde07dbb | Triage

Sharing

General

Target

3cc6bc214fbf9105a865c1785453eed6_JaffaCakes118
Size

235KB
Sample

241013-ah7kratclk
MD5

3cc6bc214fbf9105a865c1785453eed6
SHA1

fc10d24f359846352337682e2e5b22437c767fa5
SHA256

d714d95af32b071b69bb627820ef2eaef630889c3bfd5c5fab99ead7dde07dbb
SHA512

904ba15f3693b5f01d17ade6842cecc74f6942aa37d19fd8fa10e19b9f4ac29452af6e779da5ecdc1800892d0d440642867b74a4dc2639839ef29402570e1a56
SSDEEP

3072:nEMcKiwevRJyAgCdTAUl9V+nQESeWBxFXvr55enEl9/V7AzI:nL9mRJyAsUlVBxRt79KE

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  3cc6bc214fbf9105a865c1785453eed6_JaffaCakes118
- Size
  
  235KB
- MD5
  
  3cc6bc214fbf9105a865c1785453eed6
- SHA1
  
  fc10d24f359846352337682e2e5b22437c767fa5
- SHA256
  
  d714d95af32b071b69bb627820ef2eaef630889c3bfd5c5fab99ead7dde07dbb
- SHA512
  
  904ba15f3693b5f01d17ade6842cecc74f6942aa37d19fd8fa10e19b9f4ac29452af6e779da5ecdc1800892d0d440642867b74a4dc2639839ef29402570e1a56
- SSDEEP
  
  3072:nEMcKiwevRJyAgCdTAUl9V+nQESeWBxFXvr55enEl9/V7AzI:nL9mRJyAsUlVBxRt79KE
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence