8900d008a65f0023379337f37e48920f0446f4632ba630f3093801e04f76ae1a | Triage

Sharing

General

Target

e8164af68b74d5accdee8442816d45c8_JaffaCakes118
Size

20KB
Sample

240408-wqgvysah2v
MD5

e8164af68b74d5accdee8442816d45c8
SHA1

cf540bc52b6c9756deab7a8cb4d21923159732cc
SHA256

8900d008a65f0023379337f37e48920f0446f4632ba630f3093801e04f76ae1a
SHA512

68346de47bede9407e90561e53f34dfc67b6da53f44dd45ae62c192af09ce8df30ce9d07d15d79a05ec5f882a4331e3f6f346c760e53f21d0ca2ce380c52b3b1
SSDEEP

96:/lx9XBhvtjXHbjtSJ0in3N9HDXNxOhDE+2DLlI2:/TZXFj3bjti99HDXNSDEJpI

Score

6^/10

motw phishing

Malware Config

Targets

- Target
  
  e8164af68b74d5accdee8442816d45c8_JaffaCakes118
- Size
  
  20KB
- MD5
  
  e8164af68b74d5accdee8442816d45c8
- SHA1
  
  cf540bc52b6c9756deab7a8cb4d21923159732cc
- SHA256
  
  8900d008a65f0023379337f37e48920f0446f4632ba630f3093801e04f76ae1a
- SHA512
  
  68346de47bede9407e90561e53f34dfc67b6da53f44dd45ae62c192af09ce8df30ce9d07d15d79a05ec5f882a4331e3f6f346c760e53f21d0ca2ce380c52b3b1
- SSDEEP
  
  96:/lx9XBhvtjXHbjtSJ0in3N9HDXNxOhDE+2DLlI2:/TZXFj3bjti99HDXNSDEJpI
Score

6^/10

motw phishing
- Mark of the Web detected: This indicates that the page was originally saved or cloned.
  phishing motw
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2