4614b644f1b3616c03b0a48e8276849983c195349fa0e24d9002830365186604 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

835875903ebd2a49aa8f55bb50e68030_JaffaCakes118
Size

1.1MB
Sample

240802-g49essvfqh
MD5

835875903ebd2a49aa8f55bb50e68030
SHA1

6c1300659fd01c55c190e2cc6c716b10fa24a860
SHA256

4614b644f1b3616c03b0a48e8276849983c195349fa0e24d9002830365186604
SHA512

7d147509ed6fbf72aa60ce07d44c9cbad1e6cde297c792daca950472207a632ea8a6a6ca542e3b858111347e54f8681144d2053eb912ade9fc86d4ced21636e7
SSDEEP

24576:AgMGHzJ2xSgOJPQ5YRio3bWgOxZjj/SxrIShaNJmXgp15:AgMkJvr9Q5YRiNr0cSyBp7

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  835875903ebd2a49aa8f55bb50e68030_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  835875903ebd2a49aa8f55bb50e68030
- SHA1
  
  6c1300659fd01c55c190e2cc6c716b10fa24a860
- SHA256
  
  4614b644f1b3616c03b0a48e8276849983c195349fa0e24d9002830365186604
- SHA512
  
  7d147509ed6fbf72aa60ce07d44c9cbad1e6cde297c792daca950472207a632ea8a6a6ca542e3b858111347e54f8681144d2053eb912ade9fc86d4ced21636e7
- SSDEEP
  
  24576:AgMGHzJ2xSgOJPQ5YRio3bWgOxZjj/SxrIShaNJmXgp15:AgMkJvr9Q5YRiNr0cSyBp7
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Use of msiexec (install) with remote resource
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2