8d522ba79151c8f35350e80ac7c6462d3d26d88229a0cd511bb63ae26fe41973 | Triage

Sharing

General

Target

ec55fc7a83f60c7683b70e5dbc8e2f24_JaffaCakes118
Size

373KB
Sample

240411-a3kaysaf9y
MD5

ec55fc7a83f60c7683b70e5dbc8e2f24
SHA1

34d729c7e89ccda6295b34291978b6cd0be091bb
SHA256

8d522ba79151c8f35350e80ac7c6462d3d26d88229a0cd511bb63ae26fe41973
SHA512

bc93605e870e16cf44a9653e24fc49416615feaa689694c3cb7f7bedd36ed58b70ff7b0f75b11787f511c39c94d2e0b4e5b0bfadafb37f9fc8273166adb2e7a9
SSDEEP

6144:JlEG2aILgM2u+nmzK6QgSuHL5vj6pN/teIecjq1vsGX+v7MqvnTJ28THJYC:VIEGpzK6FSkFviFzq10GX+flpYC

Score

7^/10

Malware Config

Targets

- Target
  
  ec55fc7a83f60c7683b70e5dbc8e2f24_JaffaCakes118
- Size
  
  373KB
- MD5
  
  ec55fc7a83f60c7683b70e5dbc8e2f24
- SHA1
  
  34d729c7e89ccda6295b34291978b6cd0be091bb
- SHA256
  
  8d522ba79151c8f35350e80ac7c6462d3d26d88229a0cd511bb63ae26fe41973
- SHA512
  
  bc93605e870e16cf44a9653e24fc49416615feaa689694c3cb7f7bedd36ed58b70ff7b0f75b11787f511c39c94d2e0b4e5b0bfadafb37f9fc8273166adb2e7a9
- SSDEEP
  
  6144:JlEG2aILgM2u+nmzK6QgSuHL5vj6pN/teIecjq1vsGX+v7MqvnTJ28THJYC:VIEGpzK6FSkFviFzq10GX+flpYC
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2