e29bd5c1f8b15985419b287fcfef8a51b96ada49c2e2a215aba078bba4e87cff | Triage

Sharing

General

Target

0dfb56b3493e08f843e3cef9ef736e34_JaffaCakes118
Size

92KB
Sample

240328-x3w13sec5x
MD5

0dfb56b3493e08f843e3cef9ef736e34
SHA1

2b6e0410283af8025373536db70fbe52da8e3f90
SHA256

e29bd5c1f8b15985419b287fcfef8a51b96ada49c2e2a215aba078bba4e87cff
SHA512

92e2c9bb494f890cce624042bfdccc9d206e69c9e18cb61b1a0c7a1c968212212edb7f13ece99a1d751f5faca8bdfb2cc9f1b6ffd08e4bda11f63aabc51fb3a3
SSDEEP

1536:Jfu1DwyixuXWbYzGEjxuMrwhF5pqZ83YacIyP/69QAq0Gb8/Z5H83oKz:huiDIZ9u6iLqKYBbWq0GQP0oKz

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  0dfb56b3493e08f843e3cef9ef736e34_JaffaCakes118
- Size
  
  92KB
- MD5
  
  0dfb56b3493e08f843e3cef9ef736e34
- SHA1
  
  2b6e0410283af8025373536db70fbe52da8e3f90
- SHA256
  
  e29bd5c1f8b15985419b287fcfef8a51b96ada49c2e2a215aba078bba4e87cff
- SHA512
  
  92e2c9bb494f890cce624042bfdccc9d206e69c9e18cb61b1a0c7a1c968212212edb7f13ece99a1d751f5faca8bdfb2cc9f1b6ffd08e4bda11f63aabc51fb3a3
- SSDEEP
  
  1536:Jfu1DwyixuXWbYzGEjxuMrwhF5pqZ83YacIyP/69QAq0Gb8/Z5H83oKz:huiDIZ9u6iLqKYBbWq0GQP0oKz
Score

8^/10

discovery
- Contacts a large (615) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Deletes itself
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2