677019b82898d51a1b09628b343dde353f0d6769c5becb03f6ef5cddbd4c0dd2 | Triage

Sharing

General

Target

2a859392c6469ad351fd3e19d22e40cc_JaffaCakes118
Size

1.1MB
Sample

241009-emxcssvajj
MD5

2a859392c6469ad351fd3e19d22e40cc
SHA1

9adfab0b5f862a5dc9e949f261340bf5dac1f513
SHA256

677019b82898d51a1b09628b343dde353f0d6769c5becb03f6ef5cddbd4c0dd2
SHA512

4e94a0d986f0b2802308b3593de91e42844e4fbfb7a2e4ba878df87121fa038be235ede80ec1c37d6ee7ad65c9937bb21dbb1400e230753446ea622e0ccc4735
SSDEEP

24576:TPpOwQoyEvOKdpEcVImZgxUJQB0CQKP+Odrg4XJ5H:jcl36pEcVxo0CPDdEUf

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2a859392c6469ad351fd3e19d22e40cc_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  2a859392c6469ad351fd3e19d22e40cc
- SHA1
  
  9adfab0b5f862a5dc9e949f261340bf5dac1f513
- SHA256
  
  677019b82898d51a1b09628b343dde353f0d6769c5becb03f6ef5cddbd4c0dd2
- SHA512
  
  4e94a0d986f0b2802308b3593de91e42844e4fbfb7a2e4ba878df87121fa038be235ede80ec1c37d6ee7ad65c9937bb21dbb1400e230753446ea622e0ccc4735
- SSDEEP
  
  24576:TPpOwQoyEvOKdpEcVImZgxUJQB0CQKP+Odrg4XJ5H:jcl36pEcVxo0CPDdEUf
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2