4c561bd4be1c83dc4e644d45c62b95958de5977465af1f949a1c9b5ff67bc21b | Triage

Sharing

General

Target

JaffaCakes118_e29f053286b754a7a7257e52e47909d7
Size

1.0MB
Sample

250120-k568lsslcm
MD5

e29f053286b754a7a7257e52e47909d7
SHA1

5ea70fc40aafa11747c4e07b8cfe8bc4f002da2a
SHA256

4c561bd4be1c83dc4e644d45c62b95958de5977465af1f949a1c9b5ff67bc21b
SHA512

0a440a738e91e3687708b2c7f3351f3027015acad589a6cbb78500e83aa539f39f5d01826c549363377c145d93ed12d56b4222bbb5a59499230332333b33c007
SSDEEP

24576:RgPYvcKbGZw989KN8/1rh27dzwRC6DlYSBgD99F7siaB1hQdk0eJoz8T:RgPflsIVhCcRCh9iYpzI

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  JaffaCakes118_e29f053286b754a7a7257e52e47909d7
- Size
  
  1.0MB
- MD5
  
  e29f053286b754a7a7257e52e47909d7
- SHA1
  
  5ea70fc40aafa11747c4e07b8cfe8bc4f002da2a
- SHA256
  
  4c561bd4be1c83dc4e644d45c62b95958de5977465af1f949a1c9b5ff67bc21b
- SHA512
  
  0a440a738e91e3687708b2c7f3351f3027015acad589a6cbb78500e83aa539f39f5d01826c549363377c145d93ed12d56b4222bbb5a59499230332333b33c007
- SSDEEP
  
  24576:RgPYvcKbGZw989KN8/1rh27dzwRC6DlYSBgD99F7siaB1hQdk0eJoz8T:RgPflsIVhCcRCh9iYpzI
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Use of msiexec (install) with remote resource
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2