cfffc467f24e3372dbb1fc43fffc92918ca781fed0509b9f6da8b6cf4f074e40 | Triage

Sharing

General

Target

e95aa7448831dd073ed1b2767d021b04_JaffaCakes118
Size

385KB
Sample

240409-geh7babd8y
MD5

e95aa7448831dd073ed1b2767d021b04
SHA1

ce8a692d7f49bce4cc1e9925173383e703b6e096
SHA256

cfffc467f24e3372dbb1fc43fffc92918ca781fed0509b9f6da8b6cf4f074e40
SHA512

ca3e4105903658798b97944ec5c022f4fcbd8d8bb95f7ebac4e8578a8d65b26b5aa8a8dd4dcaec4cd280a064e93a63eae8ea510df90fcafa495d53cd2779aebf
SSDEEP

6144:nIctPK94yphe//2wVyK/p6tGQHYbdYEnVujOEDo2D/17O1uk59n9IbMsNB3VB:nIcGFp0//xJkQ0YejzSuSn8RB

Score

7^/10

Malware Config

Targets

- Target
  
  e95aa7448831dd073ed1b2767d021b04_JaffaCakes118
- Size
  
  385KB
- MD5
  
  e95aa7448831dd073ed1b2767d021b04
- SHA1
  
  ce8a692d7f49bce4cc1e9925173383e703b6e096
- SHA256
  
  cfffc467f24e3372dbb1fc43fffc92918ca781fed0509b9f6da8b6cf4f074e40
- SHA512
  
  ca3e4105903658798b97944ec5c022f4fcbd8d8bb95f7ebac4e8578a8d65b26b5aa8a8dd4dcaec4cd280a064e93a63eae8ea510df90fcafa495d53cd2779aebf
- SSDEEP
  
  6144:nIctPK94yphe//2wVyK/p6tGQHYbdYEnVujOEDo2D/17O1uk59n9IbMsNB3VB:nIcGFp0//xJkQ0YejzSuSn8RB
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2