1d8f7331e7f515f348707bf8d2fe9edb223bdfe1700a47cc0a1732a5291c9990 | Triage

Sharing

General

Target

d02ebcddf4b219d0b19d780f2006d92a_JaffaCakes118
Size

1.0MB
Sample

240906-w1hj8s1gpg
MD5

d02ebcddf4b219d0b19d780f2006d92a
SHA1

d81e9704c45d7899711ef5bd346748bf1bb28256
SHA256

1d8f7331e7f515f348707bf8d2fe9edb223bdfe1700a47cc0a1732a5291c9990
SHA512

eea07f3adff8d8d1e4498f4e54114efea47713a6088d648be014cb3b1ff50cc061f2648f535a1c75b8ceb8e9eb8b7a553e52bfa065cfe40cd354c1394717f491
SSDEEP

24576:Mv1yyMWlFTZY+TPnGB1dpHYvEwMisGvRrq2ajiswTP+25iP7N0:EAyMWl/jOLdKMwMiR8Rji/+VN0

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  d02ebcddf4b219d0b19d780f2006d92a_JaffaCakes118
- Size
  
  1.0MB
- MD5
  
  d02ebcddf4b219d0b19d780f2006d92a
- SHA1
  
  d81e9704c45d7899711ef5bd346748bf1bb28256
- SHA256
  
  1d8f7331e7f515f348707bf8d2fe9edb223bdfe1700a47cc0a1732a5291c9990
- SHA512
  
  eea07f3adff8d8d1e4498f4e54114efea47713a6088d648be014cb3b1ff50cc061f2648f535a1c75b8ceb8e9eb8b7a553e52bfa065cfe40cd354c1394717f491
- SSDEEP
  
  24576:Mv1yyMWlFTZY+TPnGB1dpHYvEwMisGvRrq2ajiswTP+25iP7N0:EAyMWl/jOLdKMwMiR8Rji/+VN0
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Use of msiexec (install) with remote resource
- Blocklisted process makes network request
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2