1c50f00eacf16bc5c4f77c97910e56391a29a532a95bcaf7d8910563f30f2676 | Triage

Sharing

General

Target

b4a698ebdf4225fe62b22917e607265c_JaffaCakes118
Size

583KB
Sample

240821-xnla2avemg
MD5

b4a698ebdf4225fe62b22917e607265c
SHA1

641fd9ee715c2777b2b7d9bfd3657c41fbf2e9d0
SHA256

1c50f00eacf16bc5c4f77c97910e56391a29a532a95bcaf7d8910563f30f2676
SHA512

6ab02418b1cd39db60da1985ca5e69c7b77f1897a6546f18ca2157b1d440c1497cd7550e652d95b83745a91d7131a7a72f8bc1df917947be61e8ee32c66c9588
SSDEEP

12288:+FNEGdAYnaj+S1OlEjUdNAgv4M5b4bIzdsTX0ET+znl2Z59Pqd:1AAYn8xiEjUdOgvHbGIzdsTXZO6E

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  b4a698ebdf4225fe62b22917e607265c_JaffaCakes118
- Size
  
  583KB
- MD5
  
  b4a698ebdf4225fe62b22917e607265c
- SHA1
  
  641fd9ee715c2777b2b7d9bfd3657c41fbf2e9d0
- SHA256
  
  1c50f00eacf16bc5c4f77c97910e56391a29a532a95bcaf7d8910563f30f2676
- SHA512
  
  6ab02418b1cd39db60da1985ca5e69c7b77f1897a6546f18ca2157b1d440c1497cd7550e652d95b83745a91d7131a7a72f8bc1df917947be61e8ee32c66c9588
- SSDEEP
  
  12288:+FNEGdAYnaj+S1OlEjUdNAgv4M5b4bIzdsTX0ET+znl2Z59Pqd:1AAYn8xiEjUdOgvHbGIzdsTXZO6E
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2