7da595699bd32d771da029a248fac326c80016f8d2203a9d07ca5ca9460eea89 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ce54dcf4b4b8bc07e96b26fc9bc6e684_JaffaCakes118
Size

168KB
Sample

240906-bstx3sycqq
MD5

ce54dcf4b4b8bc07e96b26fc9bc6e684
SHA1

2087168b64a7d6f828d91ffc81c3d3a804f17cab
SHA256

7da595699bd32d771da029a248fac326c80016f8d2203a9d07ca5ca9460eea89
SHA512

a5f6a01dd02dd5efe60b79885a135aea3823652c1c10fdcb70329d96f7baeb7464a67e783ee67d0a9084512a0f94c758dd12a49f6165c80d3a2e695f18e86ef4
SSDEEP

3072:iLuC9XN6Q22l61bgI3fZD5uA9vfB0q1wdNp9Txfs5Bw0/Cq:G9d6Qdl8ffv4fp9T0BzN

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  ce54dcf4b4b8bc07e96b26fc9bc6e684_JaffaCakes118
- Size
  
  168KB
- MD5
  
  ce54dcf4b4b8bc07e96b26fc9bc6e684
- SHA1
  
  2087168b64a7d6f828d91ffc81c3d3a804f17cab
- SHA256
  
  7da595699bd32d771da029a248fac326c80016f8d2203a9d07ca5ca9460eea89
- SHA512
  
  a5f6a01dd02dd5efe60b79885a135aea3823652c1c10fdcb70329d96f7baeb7464a67e783ee67d0a9084512a0f94c758dd12a49f6165c80d3a2e695f18e86ef4
- SSDEEP
  
  3072:iLuC9XN6Q22l61bgI3fZD5uA9vfB0q1wdNp9Txfs5Bw0/Cq:G9d6Qdl8ffv4fp9T0BzN
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2