2aa0cb9c169f58ac5b6df492b2db4ec0b0778b0541d609f57caed01f648e3a9d | Triage

Sharing

General

Target

831db93c7e0ed6d94b31d9e1dc572138_JaffaCakes118
Size

155KB
Sample

240802-flcgnsxbnr
MD5

831db93c7e0ed6d94b31d9e1dc572138
SHA1

eb8105165f3e2c729310f31427016660e3cc1208
SHA256

2aa0cb9c169f58ac5b6df492b2db4ec0b0778b0541d609f57caed01f648e3a9d
SHA512

ad18dfd1685b6a9c27ef2e35a6d8d7491682ac19474e1215d3970346b5f3e546067d863fc6b5df373c7ab2f9392bb74cb8770f5fef63bf66cf36212762aef7f4
SSDEEP

3072:GVFMQOqmZxhCSB1tiioAYHJYCimCWgTFB0iKb39+2JX7LtZ1YgsfbNKZXQXQGE68:OOxhvnoAYDiYWL0bT9HX7b1jmwAXQGX8

Score

7^/10

aspackv2 discovery

Malware Config

Targets

- Target
  
  831db93c7e0ed6d94b31d9e1dc572138_JaffaCakes118
- Size
  
  155KB
- MD5
  
  831db93c7e0ed6d94b31d9e1dc572138
- SHA1
  
  eb8105165f3e2c729310f31427016660e3cc1208
- SHA256
  
  2aa0cb9c169f58ac5b6df492b2db4ec0b0778b0541d609f57caed01f648e3a9d
- SHA512
  
  ad18dfd1685b6a9c27ef2e35a6d8d7491682ac19474e1215d3970346b5f3e546067d863fc6b5df373c7ab2f9392bb74cb8770f5fef63bf66cf36212762aef7f4
- SSDEEP
  
  3072:GVFMQOqmZxhCSB1tiioAYHJYCimCWgTFB0iKb39+2JX7LtZ1YgsfbNKZXQXQGE68:OOxhvnoAYDiYWL0bT9HX7b1jmwAXQGX8
Score

5^/10

discovery
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2