36ffe2e197f6abfb65b4458b4461b93d27e32121f670c401c5624e7bd41936e2 | Triage

Sharing

General

Target

f62b7f505d2b7fa4974a3c5a3a3f3e53_JaffaCakes118
Size

743KB
Sample

240925-rcplesygrp
MD5

f62b7f505d2b7fa4974a3c5a3a3f3e53
SHA1

ccd9831169615e3bea0e10931c1097deeddf9210
SHA256

36ffe2e197f6abfb65b4458b4461b93d27e32121f670c401c5624e7bd41936e2
SHA512

cc08593376f922910509cfb4d72d9c6e7bda59f24b85797eba1c2fb51593cb6a11b0b5977544f4a84f75dd6028710512db7a5a63ea1bd87c9e471ca4b2c113e8
SSDEEP

12288:0je4wcIEm1O8WoawcX2t2n18JT8p7YpVJGz7ohLeyG6lvxrTezWMNH46:hfcIXWoawKXdikz0pllJrT4WMx

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  f62b7f505d2b7fa4974a3c5a3a3f3e53_JaffaCakes118
- Size
  
  743KB
- MD5
  
  f62b7f505d2b7fa4974a3c5a3a3f3e53
- SHA1
  
  ccd9831169615e3bea0e10931c1097deeddf9210
- SHA256
  
  36ffe2e197f6abfb65b4458b4461b93d27e32121f670c401c5624e7bd41936e2
- SHA512
  
  cc08593376f922910509cfb4d72d9c6e7bda59f24b85797eba1c2fb51593cb6a11b0b5977544f4a84f75dd6028710512db7a5a63ea1bd87c9e471ca4b2c113e8
- SSDEEP
  
  12288:0je4wcIEm1O8WoawcX2t2n18JT8p7YpVJGz7ohLeyG6lvxrTezWMNH46:hfcIXWoawKXdikz0pllJrT4WMx
Score

7^/10

discovery
- Deletes itself
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2