30387f032d6b8fcb73d776efd9a1b1ab21da564a7afa26e0ab75ce1c6ccf23cf | Triage

Sharing

General

Target

eb9e89cdd035158011a98e92f98ae83b_JaffaCakes118
Size

385KB
Sample

240410-v5k1gsfa73
MD5

eb9e89cdd035158011a98e92f98ae83b
SHA1

8db9d1ec9e2254100677d68ee33aae124bdf6f0f
SHA256

30387f032d6b8fcb73d776efd9a1b1ab21da564a7afa26e0ab75ce1c6ccf23cf
SHA512

e59263bdfb10bcee711ed36946ec7e59ba64bcf7fb7da9c686947ed66b5d70c4ba8e2f5c5a95bc0deb005ee7a6e60eb90135d3fa10bb8edc019641f968b75327
SSDEEP

12288:Y63A8hsjIrK/CoJo+YphFVhmx92gvLJVR95hJbXg7Q6iZ0JqVk3QEInVnlSv2n0g:Y63A8hsjIrK/CoJo+YphFVhmx92gvLr7

Score

7^/10

Malware Config

Targets

- Target
  
  eb9e89cdd035158011a98e92f98ae83b_JaffaCakes118
- Size
  
  385KB
- MD5
  
  eb9e89cdd035158011a98e92f98ae83b
- SHA1
  
  8db9d1ec9e2254100677d68ee33aae124bdf6f0f
- SHA256
  
  30387f032d6b8fcb73d776efd9a1b1ab21da564a7afa26e0ab75ce1c6ccf23cf
- SHA512
  
  e59263bdfb10bcee711ed36946ec7e59ba64bcf7fb7da9c686947ed66b5d70c4ba8e2f5c5a95bc0deb005ee7a6e60eb90135d3fa10bb8edc019641f968b75327
- SSDEEP
  
  12288:Y63A8hsjIrK/CoJo+YphFVhmx92gvLJVR95hJbXg7Q6iZ0JqVk3QEInVnlSv2n0g:Y63A8hsjIrK/CoJo+YphFVhmx92gvLr7
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2