d3286bcbda0662a9668296469f5c6a4289da1ff8ae5e46d69d5a4c2ef3da2edc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e9077de07e50c862fe1e49b279e1e80a_JaffaCakes118
Size

385KB
Sample

240409-c7cg1sca89
MD5

e9077de07e50c862fe1e49b279e1e80a
SHA1

1f0ff4029a074ab666e8ed6604dee03facf49ec7
SHA256

d3286bcbda0662a9668296469f5c6a4289da1ff8ae5e46d69d5a4c2ef3da2edc
SHA512

5ef9fc4a5385ed5a0c384e7858f0136f68f7a2161ac1b684358806d2cb56aecb88e5f82f7138850523047af21325c221ce66b4cd23e765a2201e03ae7c5a8d39
SSDEEP

12288:hlYahvi7Uyw+kTapUCpmVsfQp9AjVSqNNH/B:hlLwUIkeMwQ8jVSStB

Score

7^/10

Malware Config

Targets

- Target
  
  e9077de07e50c862fe1e49b279e1e80a_JaffaCakes118
- Size
  
  385KB
- MD5
  
  e9077de07e50c862fe1e49b279e1e80a
- SHA1
  
  1f0ff4029a074ab666e8ed6604dee03facf49ec7
- SHA256
  
  d3286bcbda0662a9668296469f5c6a4289da1ff8ae5e46d69d5a4c2ef3da2edc
- SHA512
  
  5ef9fc4a5385ed5a0c384e7858f0136f68f7a2161ac1b684358806d2cb56aecb88e5f82f7138850523047af21325c221ce66b4cd23e765a2201e03ae7c5a8d39
- SSDEEP
  
  12288:hlYahvi7Uyw+kTapUCpmVsfQp9AjVSqNNH/B:hlLwUIkeMwQ8jVSStB
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2