2a027c8c1af33323a0aeaa7dd1e30bb9dfefe2edd98f2d89ea6d075b6da7f3a7 | Triage

Sharing

General

Target

bcff30bf5a8a605f90ddd427845d4863_JaffaCakes118
Size

160KB
Sample

240823-yy8pratera
MD5

bcff30bf5a8a605f90ddd427845d4863
SHA1

b3fe079038eee499978338ab5f0bb0b918102762
SHA256

2a027c8c1af33323a0aeaa7dd1e30bb9dfefe2edd98f2d89ea6d075b6da7f3a7
SHA512

f9c1131f516574dac1b7707e17d5589dd5db432b11991d2e326e11448cf50a2e266dced288b5cffc0db4f9d597a060b456e9d635de011f69c6586cca494c214a
SSDEEP

3072:hQZSgjIYq9bdFKFANZrw5vDJdcklsujznZnQqNsddFy:Wo4q9G0JwFJfl3

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  bcff30bf5a8a605f90ddd427845d4863_JaffaCakes118
- Size
  
  160KB
- MD5
  
  bcff30bf5a8a605f90ddd427845d4863
- SHA1
  
  b3fe079038eee499978338ab5f0bb0b918102762
- SHA256
  
  2a027c8c1af33323a0aeaa7dd1e30bb9dfefe2edd98f2d89ea6d075b6da7f3a7
- SHA512
  
  f9c1131f516574dac1b7707e17d5589dd5db432b11991d2e326e11448cf50a2e266dced288b5cffc0db4f9d597a060b456e9d635de011f69c6586cca494c214a
- SSDEEP
  
  3072:hQZSgjIYq9bdFKFANZrw5vDJdcklsujznZnQqNsddFy:Wo4q9G0JwFJfl3
Score

7^/10

discovery
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2