2d105d781a9dee27974648d68422e308fdf9e6f7c947146bf9875900d226d919 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

22d5e0bc053d8a3d884352f241ed30d8_JaffaCakes118
Size

249KB
Sample

240703-stmzlawand
MD5

22d5e0bc053d8a3d884352f241ed30d8
SHA1

0f00784067483930bee380aed78fa755b30a1aef
SHA256

2d105d781a9dee27974648d68422e308fdf9e6f7c947146bf9875900d226d919
SHA512

05e94f07785f6b5830f8728f93da53af48ec8c25f2cd92fadd0285de78f33e2021adc7a09715374db685f6cec2e47b753e31b1a805b103a84e0c44648dd9557f
SSDEEP

6144:xTrVftwEGzZfkuYKSb7poenvNCkfNecI1MYXhKP2YYCZSW2W:xTrVCEIku/ypjC+uXXzTCZQ

Score

7^/10

Malware Config

Targets

- Target
  
  22d5e0bc053d8a3d884352f241ed30d8_JaffaCakes118
- Size
  
  249KB
- MD5
  
  22d5e0bc053d8a3d884352f241ed30d8
- SHA1
  
  0f00784067483930bee380aed78fa755b30a1aef
- SHA256
  
  2d105d781a9dee27974648d68422e308fdf9e6f7c947146bf9875900d226d919
- SHA512
  
  05e94f07785f6b5830f8728f93da53af48ec8c25f2cd92fadd0285de78f33e2021adc7a09715374db685f6cec2e47b753e31b1a805b103a84e0c44648dd9557f
- SSDEEP
  
  6144:xTrVftwEGzZfkuYKSb7poenvNCkfNecI1MYXhKP2YYCZSW2W:xTrVCEIku/ypjC+uXXzTCZQ
Score

7^/10
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2