eaa3f580267457f5dafe91d369d26f8ed8e2dbb143d1b542cf844be2d0135c42 | Triage

Sharing

General

Target

696a4aec9868956d00cdcf45b1361614_JaffaCakes118
Size

374KB
Sample

240723-3l31ysycph
MD5

696a4aec9868956d00cdcf45b1361614
SHA1

37c22188314b74f36dc84cf68dc318c1fb182d5c
SHA256

eaa3f580267457f5dafe91d369d26f8ed8e2dbb143d1b542cf844be2d0135c42
SHA512

c044b979b018ec3daa254890e35b2b1645d5b790d89b885d3d2bab743b27f280f22a1437a156f7cf1b7fff966625adbec9c8e12dc28f850f3c96aab2a24194aa
SSDEEP

6144:NKmXG8e139p8Ji8BVt+pE90bKNJt498VM8W5ha4u/usTJGjpGfoS:NRX+139pmiMVp9GKNJt498LrF1qGfoS

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  696a4aec9868956d00cdcf45b1361614_JaffaCakes118
- Size
  
  374KB
- MD5
  
  696a4aec9868956d00cdcf45b1361614
- SHA1
  
  37c22188314b74f36dc84cf68dc318c1fb182d5c
- SHA256
  
  eaa3f580267457f5dafe91d369d26f8ed8e2dbb143d1b542cf844be2d0135c42
- SHA512
  
  c044b979b018ec3daa254890e35b2b1645d5b790d89b885d3d2bab743b27f280f22a1437a156f7cf1b7fff966625adbec9c8e12dc28f850f3c96aab2a24194aa
- SSDEEP
  
  6144:NKmXG8e139p8Ji8BVt+pE90bKNJt498VM8W5ha4u/usTJGjpGfoS:NRX+139pmiMVp9GKNJt498LrF1qGfoS
Score

7^/10

discovery
- Deletes itself
- Executes dropped EXE
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2