f3df8f38becd480f5277b498338d0851a32f0af0282859f1ce1896e9b8c2e1aa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c17269e04e9dce5591a6f95a9dd83f2c_JaffaCakes118
Size

31KB
Sample

240825-yhjqpa1fqe
MD5

c17269e04e9dce5591a6f95a9dd83f2c
SHA1

40a1b014b7d168247c6b332f42f236405b09fc22
SHA256

f3df8f38becd480f5277b498338d0851a32f0af0282859f1ce1896e9b8c2e1aa
SHA512

eeddc9097a248096b3daec0989f094b41db164de7eb19df493063a821294f7fcc29ed336d097ea3a641350cc0c19306e23f79cab780c5d400459bf3357e5efba
SSDEEP

768:HWlDlGc6YTmYcGW3wKQtsKmdl8f3rSz/cQf9hNdwfm:HWlc1YiYpWQsdl8f3rSz/cahNd

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  c17269e04e9dce5591a6f95a9dd83f2c_JaffaCakes118
- Size
  
  31KB
- MD5
  
  c17269e04e9dce5591a6f95a9dd83f2c
- SHA1
  
  40a1b014b7d168247c6b332f42f236405b09fc22
- SHA256
  
  f3df8f38becd480f5277b498338d0851a32f0af0282859f1ce1896e9b8c2e1aa
- SHA512
  
  eeddc9097a248096b3daec0989f094b41db164de7eb19df493063a821294f7fcc29ed336d097ea3a641350cc0c19306e23f79cab780c5d400459bf3357e5efba
- SSDEEP
  
  768:HWlDlGc6YTmYcGW3wKQtsKmdl8f3rSz/cQf9hNdwfm:HWlc1YiYpWQsdl8f3rSz/cahNd
Score

7^/10

discovery
- Deletes itself
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2