030ac10d634e80878f188dc50c4a8c8a075e74c52a3bb5e6dbf48d934628c502 | Triage

Sharing

General

Target

eb741c29f99072cc48295b620a197f37_JaffaCakes118
Size

1000KB
Sample

240410-tlcdkagf5w
MD5

eb741c29f99072cc48295b620a197f37
SHA1

2ab7501a5ea8228d951339ebfa61fde89c583430
SHA256

030ac10d634e80878f188dc50c4a8c8a075e74c52a3bb5e6dbf48d934628c502
SHA512

b38801cd698efd58386cfb25b30deeaffc7c561219a6ae72055fda485ffa0bc2ef629b26518268797e017bb3a91bd8b26a70113bd264452e4c1671feb703d3af
SSDEEP

24576:/Tq7w2KvADK0Yfux8PAO9YmpV6FKyCTPR1B+5vMiqt0gj2ed:/p2MeKyxCBYKy6qOL

Score

7^/10

Malware Config

Targets

- Target
  
  eb741c29f99072cc48295b620a197f37_JaffaCakes118
- Size
  
  1000KB
- MD5
  
  eb741c29f99072cc48295b620a197f37
- SHA1
  
  2ab7501a5ea8228d951339ebfa61fde89c583430
- SHA256
  
  030ac10d634e80878f188dc50c4a8c8a075e74c52a3bb5e6dbf48d934628c502
- SHA512
  
  b38801cd698efd58386cfb25b30deeaffc7c561219a6ae72055fda485ffa0bc2ef629b26518268797e017bb3a91bd8b26a70113bd264452e4c1671feb703d3af
- SSDEEP
  
  24576:/Tq7w2KvADK0Yfux8PAO9YmpV6FKyCTPR1B+5vMiqt0gj2ed:/p2MeKyxCBYKy6qOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2