2904c76e47e34b60224be19ae0929fbb2f3c974aa635700f5f5b017384eb00ca | Triage

Sharing

Copy URL Twitter E-mail

General

Target

893d068e6fc3f372e9035d386c0df816_JaffaCakes118
Size

2.4MB
Sample

240811-gkw1cs1gra
MD5

893d068e6fc3f372e9035d386c0df816
SHA1

a67ad7321101622ef21a28d845f34596c40b2612
SHA256

2904c76e47e34b60224be19ae0929fbb2f3c974aa635700f5f5b017384eb00ca
SHA512

373a1b67e9cad2ec98e0d7f617f092ac51806a71be17e9f8f4b4b45bf71f9e93de004241bf5a87c3f3cc9aaa954fc8e776af406fd9ef050a45d2bd022a0e6958
SSDEEP

49152:p8o4yRz6/JYPrxso/E7uI5GIsQ6k1KnDdK/4Q5+wpGb0cQgYWl6sbY:xD6hYPh0ut1BDs4Mra0cgWYsbY

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  893d068e6fc3f372e9035d386c0df816_JaffaCakes118
- Size
  
  2.4MB
- MD5
  
  893d068e6fc3f372e9035d386c0df816
- SHA1
  
  a67ad7321101622ef21a28d845f34596c40b2612
- SHA256
  
  2904c76e47e34b60224be19ae0929fbb2f3c974aa635700f5f5b017384eb00ca
- SHA512
  
  373a1b67e9cad2ec98e0d7f617f092ac51806a71be17e9f8f4b4b45bf71f9e93de004241bf5a87c3f3cc9aaa954fc8e776af406fd9ef050a45d2bd022a0e6958
- SSDEEP
  
  49152:p8o4yRz6/JYPrxso/E7uI5GIsQ6k1KnDdK/4Q5+wpGb0cQgYWl6sbY:xD6hYPh0ut1BDs4Mra0cgWYsbY
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2