303ea1c5eb325048c2eea2688453799ed2eaa06c622ebf6bd0722de3e03a4f46 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6a267ed40df527ade9d25e20d2fe36c7_JaffaCakes118
Size

1007KB
Sample

240724-efqlnsxalj
MD5

6a267ed40df527ade9d25e20d2fe36c7
SHA1

17598cbedffeb95b40b3c5b1d7d338453d27d9a0
SHA256

303ea1c5eb325048c2eea2688453799ed2eaa06c622ebf6bd0722de3e03a4f46
SHA512

cc13c5c76e09b6d7d3d7d33436a206c7a57f66b3446915595b89495be0079e994e17c5ea4636078ec02a788373a094cd87bc21d66331a7cb84b88ff9e8867ca8
SSDEEP

24576:50kJ1fQH4TnqSal3XyJmJt39SnZwmtJavdQpK:2kJ1fQMzgj94TJavdQI

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  6a267ed40df527ade9d25e20d2fe36c7_JaffaCakes118
- Size
  
  1007KB
- MD5
  
  6a267ed40df527ade9d25e20d2fe36c7
- SHA1
  
  17598cbedffeb95b40b3c5b1d7d338453d27d9a0
- SHA256
  
  303ea1c5eb325048c2eea2688453799ed2eaa06c622ebf6bd0722de3e03a4f46
- SHA512
  
  cc13c5c76e09b6d7d3d7d33436a206c7a57f66b3446915595b89495be0079e994e17c5ea4636078ec02a788373a094cd87bc21d66331a7cb84b88ff9e8867ca8
- SSDEEP
  
  24576:50kJ1fQH4TnqSal3XyJmJt39SnZwmtJavdQpK:2kJ1fQMzgj94TJavdQI
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2