95832b84d72f1b6bdbba753d9a31ef221974bb1ac985b7014a8e13a2e3f870b0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

138a9e3f65392638462b2060483a1257_JaffaCakes118
Size

108KB
Sample

241004-qr6b2s1ard
MD5

138a9e3f65392638462b2060483a1257
SHA1

76faa62447afedac603b7a456a0034f8de795a95
SHA256

95832b84d72f1b6bdbba753d9a31ef221974bb1ac985b7014a8e13a2e3f870b0
SHA512

dfc2eb406d6e526e76c41c0aaa7388ca4a9d1d9693cdf7a53df05f8aea87bee226f8922e3852013a79bd15b8038a50871030fe290d106547cdf0ffded8fbb3e5
SSDEEP

3072:gdQpC8keHrkrhKtuVeU1gAKKQ8TBZcokrYxF1L:rp2rhT375Q8Pcok

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  138a9e3f65392638462b2060483a1257_JaffaCakes118
- Size
  
  108KB
- MD5
  
  138a9e3f65392638462b2060483a1257
- SHA1
  
  76faa62447afedac603b7a456a0034f8de795a95
- SHA256
  
  95832b84d72f1b6bdbba753d9a31ef221974bb1ac985b7014a8e13a2e3f870b0
- SHA512
  
  dfc2eb406d6e526e76c41c0aaa7388ca4a9d1d9693cdf7a53df05f8aea87bee226f8922e3852013a79bd15b8038a50871030fe290d106547cdf0ffded8fbb3e5
- SSDEEP
  
  3072:gdQpC8keHrkrhKtuVeU1gAKKQ8TBZcokrYxF1L:rp2rhT375Q8Pcok
Score

7^/10

discovery
- Executes dropped EXE
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2