400bc179fa2e0a003d0a64569d89e95a562128b4e0a2218cefe625726ba8253b | Triage

Sharing

General

Target

e9a11a99d6687d0658d4f859e8f9eb7a_JaffaCakes118
Size

385KB
Sample

240409-kyymwsee7s
MD5

e9a11a99d6687d0658d4f859e8f9eb7a
SHA1

bbaf6eb6a7691f5c7973ddf7b5a58bc1271b64b3
SHA256

400bc179fa2e0a003d0a64569d89e95a562128b4e0a2218cefe625726ba8253b
SHA512

cb417d6ba87aa1b434a0910163f258ea54e4c0cbec5d001220f602043b6a30db3f78a2d2f3dd052d2d6f1b0ccee98d1f8171471452ff473761f1b12cf78d456a
SSDEEP

12288:jKB0YWVG3r4Fvh4zqGJYKzBH9Kj4SGkl7wBMzzUbCZbwLB:jKB0BVGcRCuZ8H9Kjrl7TZxkB

Score

7^/10

Malware Config

Targets

- Target
  
  e9a11a99d6687d0658d4f859e8f9eb7a_JaffaCakes118
- Size
  
  385KB
- MD5
  
  e9a11a99d6687d0658d4f859e8f9eb7a
- SHA1
  
  bbaf6eb6a7691f5c7973ddf7b5a58bc1271b64b3
- SHA256
  
  400bc179fa2e0a003d0a64569d89e95a562128b4e0a2218cefe625726ba8253b
- SHA512
  
  cb417d6ba87aa1b434a0910163f258ea54e4c0cbec5d001220f602043b6a30db3f78a2d2f3dd052d2d6f1b0ccee98d1f8171471452ff473761f1b12cf78d456a
- SSDEEP
  
  12288:jKB0YWVG3r4Fvh4zqGJYKzBH9Kj4SGkl7wBMzzUbCZbwLB:jKB0BVGcRCuZ8H9Kjrl7TZxkB
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2