8883cc13e0f391979e828931e59168cd8bdb1814598323622a51f85ab302f3f8 | Triage

Resubmissions

10-04-2024 05:34

240410-f9shssha71 6

10-04-2024 05:34

240410-f9rw9sdh27 6

10-04-2024 05:34

240410-f9raqsha7w 6

10-04-2024 05:34

240410-f9qzzadh24 6

01-04-2024 07:59

240401-jvlcqaha5w 7

01-04-2024 07:58

240401-jt2y3sha3y 6

01-04-2024 07:57

240401-jthkfaha2v 6

01-04-2024 07:53

240401-jrfytsgh6w 6

01-04-2024 07:26

240401-h9vdhagd9w 7

01-04-2024 07:23

240401-h777ksgh22 6

Sharing

General

Target

08456d53df6abf9812cf4549b3b582ea_JaffaCakes118
Size

131KB
Sample

240401-jvlcqaha5w
MD5

08456d53df6abf9812cf4549b3b582ea
SHA1

500c86eb1e89469dd226f3d664e860f7676a9225
SHA256

8883cc13e0f391979e828931e59168cd8bdb1814598323622a51f85ab302f3f8
SHA512

40125b077f5485be87e6cfb1339651baae342046dc34ed9a5b97541486006511c959ebe89651a0264dd761167886843c6cc597b359cb8384675696999ff3c52b
SSDEEP

1536:BL+O/U7OBmKGS6CBK0t/ZCXPGuxgDM5YKBGNc/xf6KWcs8+SUkIcekqY1o/uImzk:BLxUyjp3xCTyDMsUWyw+Ubx7NR

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  08456d53df6abf9812cf4549b3b582ea_JaffaCakes118
- Size
  
  131KB
- MD5
  
  08456d53df6abf9812cf4549b3b582ea
- SHA1
  
  500c86eb1e89469dd226f3d664e860f7676a9225
- SHA256
  
  8883cc13e0f391979e828931e59168cd8bdb1814598323622a51f85ab302f3f8
- SHA512
  
  40125b077f5485be87e6cfb1339651baae342046dc34ed9a5b97541486006511c959ebe89651a0264dd761167886843c6cc597b359cb8384675696999ff3c52b
- SSDEEP
  
  1536:BL+O/U7OBmKGS6CBK0t/ZCXPGuxgDM5YKBGNc/xf6KWcs8+SUkIcekqY1o/uImzk:BLxUyjp3xCTyDMsUWyw+Ubx7NR
Score

7^/10

persistence
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Adds Run key to start application
  persistence
- Uses Tor communications
  Malware can proxy its traffic through Tor for more anonymity.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Proxy

Exfiltration

Impact

Tasks

static1

behavioral1