ed6393ac78a680631a54893f64d77ed194a89565d9690d03bbe41675061424ee | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e791f68f0988089ef10b2d3f6546cd64_JaffaCakes118
Size

385KB
Sample

240408-qs1g7adf4t
MD5

e791f68f0988089ef10b2d3f6546cd64
SHA1

067d3aebc518cd8ce34e9cf671efc895fdce2f5d
SHA256

ed6393ac78a680631a54893f64d77ed194a89565d9690d03bbe41675061424ee
SHA512

315cf4f437a8029208481641bf5cb7dcd5e98f974691db9679cc224eecc1f7be9c9ec7df9a4d4bcd6fa0f0b0f41761b871d4fec0e1b924f126d21a741ca97923
SSDEEP

6144:YSisv9A2TwmFjSXQCDMLY/xlaETdsiArPT7uu8+02B:PiEbwGjeBDWqTa6iiAbT7uM02B

Score

7^/10

Malware Config

Targets

- Target
  
  e791f68f0988089ef10b2d3f6546cd64_JaffaCakes118
- Size
  
  385KB
- MD5
  
  e791f68f0988089ef10b2d3f6546cd64
- SHA1
  
  067d3aebc518cd8ce34e9cf671efc895fdce2f5d
- SHA256
  
  ed6393ac78a680631a54893f64d77ed194a89565d9690d03bbe41675061424ee
- SHA512
  
  315cf4f437a8029208481641bf5cb7dcd5e98f974691db9679cc224eecc1f7be9c9ec7df9a4d4bcd6fa0f0b0f41761b871d4fec0e1b924f126d21a741ca97923
- SSDEEP
  
  6144:YSisv9A2TwmFjSXQCDMLY/xlaETdsiArPT7uu8+02B:PiEbwGjeBDWqTa6iiAbT7uM02B
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2