9d125be28c005bb92835301e7abdf06cce39d304f9abaef57961a1b9de8b4edb | Triage

Sharing

General

Target

df3f8919f9ac4d78448710d3bfa8a80a_JaffaCakes118
Size

18KB
Sample

240914-bwf6ds1ale
MD5

df3f8919f9ac4d78448710d3bfa8a80a
SHA1

60bb3ac4dd188f0d86db8a761ae8991c304d4b39
SHA256

9d125be28c005bb92835301e7abdf06cce39d304f9abaef57961a1b9de8b4edb
SHA512

2530e986591fe2c8afc0fae9b427531393df5e2e93d6f952587c2c6e099aa2786a0bd1f84fbaedbba1659b9523db321eda76a97afaa2ab053f9d7cf75c7ec377
SSDEEP

384:Wu2bQ9KaonykNuv210vgdAqCV2KWaKCIHGdQvkv2RiTzIFkDO+cRj4g:WVWKzykNz0sSWaKsAu0zKg

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  df3f8919f9ac4d78448710d3bfa8a80a_JaffaCakes118
- Size
  
  18KB
- MD5
  
  df3f8919f9ac4d78448710d3bfa8a80a
- SHA1
  
  60bb3ac4dd188f0d86db8a761ae8991c304d4b39
- SHA256
  
  9d125be28c005bb92835301e7abdf06cce39d304f9abaef57961a1b9de8b4edb
- SHA512
  
  2530e986591fe2c8afc0fae9b427531393df5e2e93d6f952587c2c6e099aa2786a0bd1f84fbaedbba1659b9523db321eda76a97afaa2ab053f9d7cf75c7ec377
- SSDEEP
  
  384:Wu2bQ9KaonykNuv210vgdAqCV2KWaKCIHGdQvkv2RiTzIFkDO+cRj4g:WVWKzykNz0sSWaKsAu0zKg
Score

7^/10

defense_evasion discovery
- Deletes itself
- Executes dropped EXE
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasiondiscovery