67b4f5aeddd9f81688e888a17ce50490f4d18724cf8ad6b571519af3acac826b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a66a4c48a5a200536fa4ae1361635a9_JaffaCakes118
Size

224KB
Sample

241009-ehhzlstcpl
MD5

2a66a4c48a5a200536fa4ae1361635a9
SHA1

69e9a34a28a82258b0704ddd68f71d37ddb5d094
SHA256

67b4f5aeddd9f81688e888a17ce50490f4d18724cf8ad6b571519af3acac826b
SHA512

2f8b260e59751dcfd1663c8ec50f82bc0525a14653aa2b29c410e8da4b579910f0de13659b520f7f428bd53facb4e4db8b65e543af8057ecf6a48fb6a30d9d20
SSDEEP

3072:4KyA8qbDYYvF8TQyJZI6cRrM+lP8yKV1tr8BqvtwXtwRzkfk3Yvjp5fGETlSQY5c:FyjIcqOlJ59+PBqox8oLfJ5Lsm

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2a66a4c48a5a200536fa4ae1361635a9_JaffaCakes118
- Size
  
  224KB
- MD5
  
  2a66a4c48a5a200536fa4ae1361635a9
- SHA1
  
  69e9a34a28a82258b0704ddd68f71d37ddb5d094
- SHA256
  
  67b4f5aeddd9f81688e888a17ce50490f4d18724cf8ad6b571519af3acac826b
- SHA512
  
  2f8b260e59751dcfd1663c8ec50f82bc0525a14653aa2b29c410e8da4b579910f0de13659b520f7f428bd53facb4e4db8b65e543af8057ecf6a48fb6a30d9d20
- SSDEEP
  
  3072:4KyA8qbDYYvF8TQyJZI6cRrM+lP8yKV1tr8BqvtwXtwRzkfk3Yvjp5fGETlSQY5c:FyjIcqOlJ59+PBqox8oLfJ5Lsm
Score

7^/10

discovery
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2