94ff15373e9f0f81daa8f1c85d7deacc13e921c44962907ba30b15a335e2e9ce | Triage

Sharing

General

Target

eaa5600a564f9be87047c4f5276d7cc9_JaffaCakes118
Size

552KB
Sample

240919-ft619asfmj
MD5

eaa5600a564f9be87047c4f5276d7cc9
SHA1

9a8f9921c4da2e48f1498e3043382035671c5a48
SHA256

94ff15373e9f0f81daa8f1c85d7deacc13e921c44962907ba30b15a335e2e9ce
SHA512

41883b666f47227071c090aa3ba2248df84d810ae65cc9b1b20824510b49cd9bb723c081717d029f2407c19d4d7f3598740f4e40e487a9f18697f8f92e3faa3c
SSDEEP

12288:5fH2pohMieQkyrKD7yyTwhVbsO3HnGTHx7:FWWNvkya750LHGT

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  eaa5600a564f9be87047c4f5276d7cc9_JaffaCakes118
- Size
  
  552KB
- MD5
  
  eaa5600a564f9be87047c4f5276d7cc9
- SHA1
  
  9a8f9921c4da2e48f1498e3043382035671c5a48
- SHA256
  
  94ff15373e9f0f81daa8f1c85d7deacc13e921c44962907ba30b15a335e2e9ce
- SHA512
  
  41883b666f47227071c090aa3ba2248df84d810ae65cc9b1b20824510b49cd9bb723c081717d029f2407c19d4d7f3598740f4e40e487a9f18697f8f92e3faa3c
- SSDEEP
  
  12288:5fH2pohMieQkyrKD7yyTwhVbsO3HnGTHx7:FWWNvkya750LHGT
Score

7^/10

discovery
- Deletes itself
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2