c627ab2a1b1d6ec882f8e33972b34530974dc4b953cc347c517db2b924e275f7 | Triage

Sharing

General

Target

1a203b8b119dc8205871fed951971e7a_JaffaCakes118
Size

726KB
Sample

240628-pqq1assdmm
MD5

1a203b8b119dc8205871fed951971e7a
SHA1

0ef83882e3e96446b446e0295304b653cb87ca6b
SHA256

c627ab2a1b1d6ec882f8e33972b34530974dc4b953cc347c517db2b924e275f7
SHA512

b566d1b68704701de31ed4e9546c96f60ca38d9bbf81894d64d3653bd70b0e706b3d2d1c1494bd703dc9cfc485b7fb6b87ac6ca902e21a3e2099f7154a46382d
SSDEEP

12288:jXyQ/JBFMheooeChcG4VpuwCWQcUl+gvHZGBMTaN+562HgSJatdUvJjbYXNWB8E9:jiipooeOk31Ul+8HgB+1mQJjiWi1sf

Score

5^/10

Malware Config

Targets

- Target
  
  1a203b8b119dc8205871fed951971e7a_JaffaCakes118
- Size
  
  726KB
- MD5
  
  1a203b8b119dc8205871fed951971e7a
- SHA1
  
  0ef83882e3e96446b446e0295304b653cb87ca6b
- SHA256
  
  c627ab2a1b1d6ec882f8e33972b34530974dc4b953cc347c517db2b924e275f7
- SHA512
  
  b566d1b68704701de31ed4e9546c96f60ca38d9bbf81894d64d3653bd70b0e706b3d2d1c1494bd703dc9cfc485b7fb6b87ac6ca902e21a3e2099f7154a46382d
- SSDEEP
  
  12288:jXyQ/JBFMheooeChcG4VpuwCWQcUl+gvHZGBMTaN+562HgSJatdUvJjbYXNWB8E9:jiipooeOk31Ul+8HgB+1mQJjiWi1sf
Score

5^/10
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Replication Through Removable Media

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Replication Through Removable Media

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2