df40147f1f6a5eb2715dddb570d169aef2a9b782a715f66f29269269f9b6fc14 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

129b8f321d5cfca9e1f1ff6fbee21a11_JaffaCakes118
Size

1022KB
Sample

241004-kh8sxsydjc
MD5

129b8f321d5cfca9e1f1ff6fbee21a11
SHA1

fea74d2f9dfe119f83956c384219eb45fe08f4dd
SHA256

df40147f1f6a5eb2715dddb570d169aef2a9b782a715f66f29269269f9b6fc14
SHA512

6bb71195257189aed0411249321acfffd5188cb28bb53cf2279805b90a0621b033b5512a7bcd051bda8d9e9e474b2f94da09feee2f49e3354bb4276e330aa81e
SSDEEP

24576:mU4sq+uA0AiArkLCYKYHHHWuS05ACdCL920p/5ZU:mU4iux+rELXWuS3Cd8920tzU

Score

5^/10

discovery

Malware Config

Targets

- Target
  
  RAGDOL~1.EXE
- Size
  
  1.0MB
- MD5
  
  a392eaabe654f4eb40c90ac35d62f793
- SHA1
  
  40b97e49c8eac9eb4f1134c77793c62dcca8f525
- SHA256
  
  875473e8fbf217481837913517b8eae205bb8f305c4b3c9ed03c7e50313a8b91
- SHA512
  
  d62c88b2a4d9d9ea4d73837a0e8942fd867fd7ee82bb791689e13076d1867a67c061613acb7adc65ce923083147c77c45c0b0d5be99c559985ca5519524276f6
- SSDEEP
  
  24576:IeFo9VnAVpIwtDnwcRpSmKI4F2BHPDeyPJXRZXrdjcjTTv:LFo9VnAVpIwZnrbwkBLeuRMT
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  data.exe
- Size
  
  610KB
- MD5
  
  9c6f2e1e5667b7f00e36956c158c5405
- SHA1
  
  5887d7f7fa3184dff400dc21a66513dee0cca51d
- SHA256
  
  8651c8e54d2600192d4491d253fe963ba3ed54d07047816bf38533cb96bbab22
- SHA512
  
  de3f0cf807b0846fad45c1b5180825e4f595393b4905d36adee977812643c674bd2d025dc246eaad5e2d08774c69dd4e34784c1bb5e186cbec1e092187336d68
- SSDEEP
  
  12288:IsbjcKHnjo2zBRzqWf/wZrXywt2yfPPo3JUOxoC6bHk:IsbjvHM6XqiwRiG2qPo3WOxoCx
Score

5^/10

discovery
- Suspicious use of SetThreadContext
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4