67d1a4564a990ed28a2010d8713baaff60c3f3ff6d7daa8b5443d920b086a7e0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eb2cba75bd7123a159f5eb6a9991411d_JaffaCakes118
Size

907KB
Sample

240410-qrjhaahc99
MD5

eb2cba75bd7123a159f5eb6a9991411d
SHA1

61e9a7b8f87ce1e35424e4786ef4b3beee86cfa8
SHA256

67d1a4564a990ed28a2010d8713baaff60c3f3ff6d7daa8b5443d920b086a7e0
SHA512

ffc5981fa63631d261215831fcadf097a06aba5cc6405ba53e855bab409626dec82cc475ba8347e8821afa0e838bcc6a06b7fddb21b721c893971d14baa3cb09
SSDEEP

24576:D6K7fowWt91jrCywHv9HY/rrkkIW9S9Ma/ZS1:Dx7fxW/jUY/rrxIW9LgS

Score

7^/10

Malware Config

Targets

- Target
  
  eb2cba75bd7123a159f5eb6a9991411d_JaffaCakes118
- Size
  
  907KB
- MD5
  
  eb2cba75bd7123a159f5eb6a9991411d
- SHA1
  
  61e9a7b8f87ce1e35424e4786ef4b3beee86cfa8
- SHA256
  
  67d1a4564a990ed28a2010d8713baaff60c3f3ff6d7daa8b5443d920b086a7e0
- SHA512
  
  ffc5981fa63631d261215831fcadf097a06aba5cc6405ba53e855bab409626dec82cc475ba8347e8821afa0e838bcc6a06b7fddb21b721c893971d14baa3cb09
- SSDEEP
  
  24576:D6K7fowWt91jrCywHv9HY/rrkkIW9S9Ma/ZS1:Dx7fxW/jUY/rrxIW9LgS
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2