c78de5adbf52d502fc35606dfe2fb6143822241a1b6e73100f1f0cdb952be378 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d5a0b576097211faf7bbbd60ae6546db_JaffaCakes118
Size

104KB
Sample

240909-ensq1a1ckm
MD5

d5a0b576097211faf7bbbd60ae6546db
SHA1

a56f6c91f69df9fe5b37548221ff083a136e9b69
SHA256

c78de5adbf52d502fc35606dfe2fb6143822241a1b6e73100f1f0cdb952be378
SHA512

0de81ab8319328f9e8cfd55c41558637fa10d8bc8b71dea5c91853ee15e1bc26b82451294c82eee3ade6a48f51946a00fd2a9dc635c003024863f5de123a6040
SSDEEP

3072:HOAPtmFg6sGXQ713wrsRzwZzAAZLoMlls:uwYW6sGgJ3w4RzuAAyM

Score

5^/10

discovery

Malware Config

Targets

- Target
  
  d5a0b576097211faf7bbbd60ae6546db_JaffaCakes118
- Size
  
  104KB
- MD5
  
  d5a0b576097211faf7bbbd60ae6546db
- SHA1
  
  a56f6c91f69df9fe5b37548221ff083a136e9b69
- SHA256
  
  c78de5adbf52d502fc35606dfe2fb6143822241a1b6e73100f1f0cdb952be378
- SHA512
  
  0de81ab8319328f9e8cfd55c41558637fa10d8bc8b71dea5c91853ee15e1bc26b82451294c82eee3ade6a48f51946a00fd2a9dc635c003024863f5de123a6040
- SSDEEP
  
  3072:HOAPtmFg6sGXQ713wrsRzwZzAAZLoMlls:uwYW6sGgJ3w4RzuAAyM
Score

5^/10

discovery
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2