5a77eb41ac43b209ebff649e2c6936a8a1f3785f7f0dd8e0015f10cfdd9d4edc | Triage

Sharing

General

Target

e8815702ae1cf62e2dcea7525611f13a_JaffaCakes118
Size

385KB
Sample

240408-1rsq3ach39
MD5

e8815702ae1cf62e2dcea7525611f13a
SHA1

13b7718ce464891e2c2d990c7e7f8f105cfe14f3
SHA256

5a77eb41ac43b209ebff649e2c6936a8a1f3785f7f0dd8e0015f10cfdd9d4edc
SHA512

5fb711d081fb8d56034d248a8d0aaceb41fbdabddbe505a31079df5da6d3b86c69f31a00d3c9547401bffc19d612c8bff5cb6889ce4fc21b4b87e8240504b56d
SSDEEP

12288:a8mjCQUU9Ct/UmI5w8sbPdRtyfZ+jbGj5h9B:afCa9PsbTtyB+jbGz9B

Score

7^/10

Malware Config

Targets

- Target
  
  e8815702ae1cf62e2dcea7525611f13a_JaffaCakes118
- Size
  
  385KB
- MD5
  
  e8815702ae1cf62e2dcea7525611f13a
- SHA1
  
  13b7718ce464891e2c2d990c7e7f8f105cfe14f3
- SHA256
  
  5a77eb41ac43b209ebff649e2c6936a8a1f3785f7f0dd8e0015f10cfdd9d4edc
- SHA512
  
  5fb711d081fb8d56034d248a8d0aaceb41fbdabddbe505a31079df5da6d3b86c69f31a00d3c9547401bffc19d612c8bff5cb6889ce4fc21b4b87e8240504b56d
- SSDEEP
  
  12288:a8mjCQUU9Ct/UmI5w8sbPdRtyfZ+jbGj5h9B:afCa9PsbTtyB+jbGz9B
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2