cf42f97feae2129977efe81edc18a5b36e0dace94d043df687b68aba2b73c3b2 | Triage

Sharing

General

Target

6be9b7a11e15248d1dae8306c3f4c8f3_JaffaCakes118
Size

11KB
Sample

241022-zy86ysweln
MD5

6be9b7a11e15248d1dae8306c3f4c8f3
SHA1

a9dd76e01ec5cacd0fb281de3daab4f8b5d597f7
SHA256

cf42f97feae2129977efe81edc18a5b36e0dace94d043df687b68aba2b73c3b2
SHA512

24524417fc651caa6be05498b88c5ccf21f3153eaf809bbe888cfe366c5e0bc75617dc5663c3b24ee87247cdcd093fd2c278391f784c70c8adc504325d617ab5
SSDEEP

192:F5Zfq/Q05JMCENlnwtDdHh/EzpPLX4/prjQGFLNEfTRWoFqRJhvugebhziAVjB5m:Tpq/Q05JMrNlwtDdHKz14dQGF2f38RJv

Score

5^/10

discovery

Malware Config

Targets

- Target
  
  6be9b7a11e15248d1dae8306c3f4c8f3_JaffaCakes118
- Size
  
  11KB
- MD5
  
  6be9b7a11e15248d1dae8306c3f4c8f3
- SHA1
  
  a9dd76e01ec5cacd0fb281de3daab4f8b5d597f7
- SHA256
  
  cf42f97feae2129977efe81edc18a5b36e0dace94d043df687b68aba2b73c3b2
- SHA512
  
  24524417fc651caa6be05498b88c5ccf21f3153eaf809bbe888cfe366c5e0bc75617dc5663c3b24ee87247cdcd093fd2c278391f784c70c8adc504325d617ab5
- SSDEEP
  
  192:F5Zfq/Q05JMCENlnwtDdHh/EzpPLX4/prjQGFLNEfTRWoFqRJhvugebhziAVjB5m:Tpq/Q05JMrNlwtDdHKz14dQGF2f38RJv
Score

5^/10

discovery
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2