ef486c3550929f787d66925c5cec3b1b473a22f1cd226d72b422daacc23ed5dd | Triage

Sharing

General

Target

bac6857b54df4633ff05e7c5fa53c23c_JaffaCakes118
Size

51KB
Sample

240823-hycz3s1clg
MD5

bac6857b54df4633ff05e7c5fa53c23c
SHA1

1423af3354bdb7de5aed21dfb103d0f6eaea7f17
SHA256

ef486c3550929f787d66925c5cec3b1b473a22f1cd226d72b422daacc23ed5dd
SHA512

071857fa060310c557aee6226e93605fce3c29634b0e1fe5060f255f2bbe8543b79f6db5397ced8a6696dcfecdb8990812ee198eca062fac64505b13b1696b86
SSDEEP

768:DO3acfx/rebpBIplgVFlx76wZka0beN4ViHTu29FQqnezaSlBinNjWmiNAe:D2BtgglIT+a0CuiHZFfhSlBxmiNA

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  bac6857b54df4633ff05e7c5fa53c23c_JaffaCakes118
- Size
  
  51KB
- MD5
  
  bac6857b54df4633ff05e7c5fa53c23c
- SHA1
  
  1423af3354bdb7de5aed21dfb103d0f6eaea7f17
- SHA256
  
  ef486c3550929f787d66925c5cec3b1b473a22f1cd226d72b422daacc23ed5dd
- SHA512
  
  071857fa060310c557aee6226e93605fce3c29634b0e1fe5060f255f2bbe8543b79f6db5397ced8a6696dcfecdb8990812ee198eca062fac64505b13b1696b86
- SSDEEP
  
  768:DO3acfx/rebpBIplgVFlx76wZka0beN4ViHTu29FQqnezaSlBinNjWmiNAe:D2BtgglIT+a0CuiHZFfhSlBxmiNA
Score

8^/10

discovery
- Drops file in Drivers directory
- Deletes itself
- Executes dropped EXE
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2