a9ef2de92cc19be7b4975bb709d483d9f881ee576e5125848c9f9dd79dd4c138 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e276b8d46f354aff1a1c1dd6ecd486dd_JaffaCakes118
Size

148KB
Sample

240915-pf5eyatalh
MD5

e276b8d46f354aff1a1c1dd6ecd486dd
SHA1

719d4eb33bcd289c499d83b2109a5d8e5fa60642
SHA256

a9ef2de92cc19be7b4975bb709d483d9f881ee576e5125848c9f9dd79dd4c138
SHA512

b3c0beb367b5b624c3ecb410ae99d48c548e863dc5d5a789e507ae21e0c4313a0cdae3c3baa71d7e13955daf3deff10e37d38caf81b157907585d98e4761e3a2
SSDEEP

3072:QhZ5lsJWBXssRGciYyT9fgmw7DI7XObJoB/lr9i:QhZGWBX6

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  e276b8d46f354aff1a1c1dd6ecd486dd_JaffaCakes118
- Size
  
  148KB
- MD5
  
  e276b8d46f354aff1a1c1dd6ecd486dd
- SHA1
  
  719d4eb33bcd289c499d83b2109a5d8e5fa60642
- SHA256
  
  a9ef2de92cc19be7b4975bb709d483d9f881ee576e5125848c9f9dd79dd4c138
- SHA512
  
  b3c0beb367b5b624c3ecb410ae99d48c548e863dc5d5a789e507ae21e0c4313a0cdae3c3baa71d7e13955daf3deff10e37d38caf81b157907585d98e4761e3a2
- SSDEEP
  
  3072:QhZ5lsJWBXssRGciYyT9fgmw7DI7XObJoB/lr9i:QhZGWBX6
Score

7^/10

discovery
- Deletes itself
- Drops startup file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2