e5843c68039035de8844708786956a07d1469f75afb92373a28d9e93bb49bbf7 | Triage

Sharing

General

Target

08d2ae67f2007ff5f69fe3281d81412c_JaffaCakes118
Size

47KB
Sample

241002-esjnwswgnn
MD5

08d2ae67f2007ff5f69fe3281d81412c
SHA1

642b52c34e080e902f122c420b63061298bc0c9c
SHA256

e5843c68039035de8844708786956a07d1469f75afb92373a28d9e93bb49bbf7
SHA512

227be9db5c86156d457210f79447ca95d6f5a578bb86a10d9b4b8db0786e9109a7e340f0627383a52f1a8caf306397cbab7b4af32cd412ba22224ff66fb1affc
SSDEEP

768:lojY9PXAum/U12tZAW/BXcTjX/O8KDbZS3n6yHEojY9Po:wmXiI2tZ7XqYZmn6yH1mg

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  08d2ae67f2007ff5f69fe3281d81412c_JaffaCakes118
- Size
  
  47KB
- MD5
  
  08d2ae67f2007ff5f69fe3281d81412c
- SHA1
  
  642b52c34e080e902f122c420b63061298bc0c9c
- SHA256
  
  e5843c68039035de8844708786956a07d1469f75afb92373a28d9e93bb49bbf7
- SHA512
  
  227be9db5c86156d457210f79447ca95d6f5a578bb86a10d9b4b8db0786e9109a7e340f0627383a52f1a8caf306397cbab7b4af32cd412ba22224ff66fb1affc
- SSDEEP
  
  768:lojY9PXAum/U12tZAW/BXcTjX/O8KDbZS3n6yHEojY9Po:wmXiI2tZ7XqYZmn6yH1mg
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2