14fe5722a8299ed573a8e195056b81e8c4843dcb2593cad51ba997b55607d998 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

82c148f8635f354059c3e9087eb94247_JaffaCakes118
Size

272KB
Sample

240802-c9qsesweph
MD5

82c148f8635f354059c3e9087eb94247
SHA1

eab9a6cfe6cdb142695e465932de1a0f8268f07b
SHA256

14fe5722a8299ed573a8e195056b81e8c4843dcb2593cad51ba997b55607d998
SHA512

7c45ac143af64b3f7b81ed943efc4f4c0f5be6715c5aed1f52aa278fa38f505e43bdeb15fa7d64844a4c6ee2be21d7886c9697291684216bf6cd5b96dab2bffd
SSDEEP

3072:LfbpcA0oIzPQiQqHc2A3RaoRuQGHOQVwTymqzy8wmMguP3D6uwAID4zVbIQNiJyM:haoIrVQyANuBVwTN5mMzPTVWkBiEe

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  82c148f8635f354059c3e9087eb94247_JaffaCakes118
- Size
  
  272KB
- MD5
  
  82c148f8635f354059c3e9087eb94247
- SHA1
  
  eab9a6cfe6cdb142695e465932de1a0f8268f07b
- SHA256
  
  14fe5722a8299ed573a8e195056b81e8c4843dcb2593cad51ba997b55607d998
- SHA512
  
  7c45ac143af64b3f7b81ed943efc4f4c0f5be6715c5aed1f52aa278fa38f505e43bdeb15fa7d64844a4c6ee2be21d7886c9697291684216bf6cd5b96dab2bffd
- SSDEEP
  
  3072:LfbpcA0oIzPQiQqHc2A3RaoRuQGHOQVwTymqzy8wmMguP3D6uwAID4zVbIQNiJyM:haoIrVQyANuBVwTN5mMzPTVWkBiEe
Score

7^/10

discovery
- Executes dropped EXE
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2