f02bd1696420e04a7409d1e26fb0a7fb0743d1ba6d72ea244f7841aa253eae0e | Triage

Sharing

General

Target

690fda9832f6a7ab887055156d749fc0_JaffaCakes118
Size

5.8MB
Sample

240522-3xtxesdh97
MD5

690fda9832f6a7ab887055156d749fc0
SHA1

0e8400c41883f161dfa19edc994d006153f0535b
SHA256

f02bd1696420e04a7409d1e26fb0a7fb0743d1ba6d72ea244f7841aa253eae0e
SHA512

a69b6dd3b32327d8772dac2b216a321824def39f06f3dd3a05f45b7e6dd460b5e78482dae375bc176149339b2e3ce73f52d60b6ce5cf8527702d44244ccb7466
SSDEEP

98304:w+w47RRPLddXzWcYJSWrs/DHhgT7IRqWFxdy++JlgoM4o5nU/1PgDpgoKgDwsLe6:wd47RJLddjWcqSWI/ruT+rpmXQKY9got

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  2445/MenOfWarAssaultSquad2+5TR-LNG_v3.028.2.exe
- Size
  
  5.8MB
- MD5
  
  89aa694c9dd6033a80a9fca614557f23
- SHA1
  
  d44e1779289d2f8110dba88a42e343efb0432268
- SHA256
  
  ef187d7db48a1df4f7d0104e8f486c650bf1f3c0c59d68ea9ef4c3b7f4294156
- SHA512
  
  1c00074f80ecf7bf66fe4ad32302a6f4b67da7b63bf8046ab297172c79723abb086d4d395c6e7cff7596af1fcf18f7d99c49cebb258debe504a53a02efa0afc2
- SSDEEP
  
  98304:n1pB4D89tZNv73z/ElurgZPSjkKCj6sG4iLrlU38wCcs4WTtuSz5ExK7SUnJvdKf:nbB4w9Bzljh74is8XcsPTtpExK7SUJvG
Score

6^/10

discovery
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2