ceb20d17fccfe99b1c7b846ccda0753323970938b6360cbf917eeb7143cd1ea4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e995398202351793b2e3d3911d336591_JaffaCakes118
Size

385KB
Sample

240409-kg1qxsag44
MD5

e995398202351793b2e3d3911d336591
SHA1

5b626740b7eeb42d2fe96c4717326e087a8c5caa
SHA256

ceb20d17fccfe99b1c7b846ccda0753323970938b6360cbf917eeb7143cd1ea4
SHA512

d2369b4939a3adc082c922f7bfecd98f57d193784cf83c9eaf2c7c449379bca427d41f3e252adb1902d0a723b82d40bbca1f590d910de037fb8a27c7bcad3531
SSDEEP

6144:zdrazx8bdLjWZnFK87T9Q+SL2rhV6Wnbq4th2uyuAhfSnIB:szqYXPT9Q+AqL6KbqNd5uIB

Score

7^/10

Malware Config

Targets

- Target
  
  e995398202351793b2e3d3911d336591_JaffaCakes118
- Size
  
  385KB
- MD5
  
  e995398202351793b2e3d3911d336591
- SHA1
  
  5b626740b7eeb42d2fe96c4717326e087a8c5caa
- SHA256
  
  ceb20d17fccfe99b1c7b846ccda0753323970938b6360cbf917eeb7143cd1ea4
- SHA512
  
  d2369b4939a3adc082c922f7bfecd98f57d193784cf83c9eaf2c7c449379bca427d41f3e252adb1902d0a723b82d40bbca1f590d910de037fb8a27c7bcad3531
- SSDEEP
  
  6144:zdrazx8bdLjWZnFK87T9Q+SL2rhV6Wnbq4th2uyuAhfSnIB:szqYXPT9Q+AqL6KbqNd5uIB
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2