43c941ba1df4cb1fa6b89f72833cc774e89b2c6402e363650c92297ee114664f | Triage

Sharing

General

Target

148052c2649062351b1ba6bc46499e6b_JaffaCakes118
Size

262KB
Sample

240627-dxx7eazdmf
MD5

148052c2649062351b1ba6bc46499e6b
SHA1

18e68179f3849e8e99e6f6522275bd7cf7f6de81
SHA256

43c941ba1df4cb1fa6b89f72833cc774e89b2c6402e363650c92297ee114664f
SHA512

ed050bc3baeb54bb04ee3c9d5b7e3ef7f89fc403afb449dd40906815db43296a97ad5cc9473a52784e95c6d7f7b8096f9181cf94a3d9adab5973986a074bce59
SSDEEP

6144:MtiLMSpEKf6DrRCks6xrRtuTYsbCvEPSi0KqjJX:Mtmbn6/skNu8VvTibqtX

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  148052c2649062351b1ba6bc46499e6b_JaffaCakes118
- Size
  
  262KB
- MD5
  
  148052c2649062351b1ba6bc46499e6b
- SHA1
  
  18e68179f3849e8e99e6f6522275bd7cf7f6de81
- SHA256
  
  43c941ba1df4cb1fa6b89f72833cc774e89b2c6402e363650c92297ee114664f
- SHA512
  
  ed050bc3baeb54bb04ee3c9d5b7e3ef7f89fc403afb449dd40906815db43296a97ad5cc9473a52784e95c6d7f7b8096f9181cf94a3d9adab5973986a074bce59
- SSDEEP
  
  6144:MtiLMSpEKf6DrRCks6xrRtuTYsbCvEPSi0KqjJX:Mtmbn6/skNu8VvTibqtX
Score

10^/10

evasion
- Modifies security service
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2