277f179140bc5004aa65c6786377b22bf62974b92e1e8937c4d73417ea6afbbe | Triage

Sharing

General

Target

bd9d299a3cca77884bd10b51966ead3f_JaffaCakes118
Size

524KB
Sample

240824-abbjqswglp
MD5

bd9d299a3cca77884bd10b51966ead3f
SHA1

8e06431fb5c6b25eabeccf5e22bd77d04e605cf6
SHA256

277f179140bc5004aa65c6786377b22bf62974b92e1e8937c4d73417ea6afbbe
SHA512

5a95c40d1458f17b416d98dde9b0e776508b54068266db9931e1d4e2a7b8275ac595aa47f79c410a466a9db9e1381114fee36808423ea0e84bdeca5d64768a5f
SSDEEP

3072:Jd+qeramMBsuBsfYiDHpWeIuwY2IMbrmTdcuk//V8iUR1fEn51EJaQIHXCpxqG+y:jEJaEqr6YQI

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  bd9d299a3cca77884bd10b51966ead3f_JaffaCakes118
- Size
  
  524KB
- MD5
  
  bd9d299a3cca77884bd10b51966ead3f
- SHA1
  
  8e06431fb5c6b25eabeccf5e22bd77d04e605cf6
- SHA256
  
  277f179140bc5004aa65c6786377b22bf62974b92e1e8937c4d73417ea6afbbe
- SHA512
  
  5a95c40d1458f17b416d98dde9b0e776508b54068266db9931e1d4e2a7b8275ac595aa47f79c410a466a9db9e1381114fee36808423ea0e84bdeca5d64768a5f
- SSDEEP
  
  3072:Jd+qeramMBsuBsfYiDHpWeIuwY2IMbrmTdcuk//V8iUR1fEn51EJaQIHXCpxqG+y:jEJaEqr6YQI
Score

7^/10

discovery
- Executes dropped EXE
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2