5541ea53bef94562eced11c2f12d65cc346df5c0ff144487414f9878bca54041 | Triage

Sharing

General

Target

ecb5a5787b35f0685de4d3015448d1c7_JaffaCakes118
Size

1000KB
Sample

240411-fj37lsga2z
MD5

ecb5a5787b35f0685de4d3015448d1c7
SHA1

ff76972807ca531e046999a351aff7407fbd6db7
SHA256

5541ea53bef94562eced11c2f12d65cc346df5c0ff144487414f9878bca54041
SHA512

02a8676b66123b82cacf40bc8eb2e43bb050923548cc42cb89370b8052489d5f0c757c57842a477a35a49960b78bd26dd55924149a7824f8c3b85dc29ced5c2b
SSDEEP

24576:I7/m2RlQVD5QKLvX4/1B+5vMiqt0gj2ed:oAVDTvIfqOL

Score

7^/10

Malware Config

Targets

- Target
  
  ecb5a5787b35f0685de4d3015448d1c7_JaffaCakes118
- Size
  
  1000KB
- MD5
  
  ecb5a5787b35f0685de4d3015448d1c7
- SHA1
  
  ff76972807ca531e046999a351aff7407fbd6db7
- SHA256
  
  5541ea53bef94562eced11c2f12d65cc346df5c0ff144487414f9878bca54041
- SHA512
  
  02a8676b66123b82cacf40bc8eb2e43bb050923548cc42cb89370b8052489d5f0c757c57842a477a35a49960b78bd26dd55924149a7824f8c3b85dc29ced5c2b
- SSDEEP
  
  24576:I7/m2RlQVD5QKLvX4/1B+5vMiqt0gj2ed:oAVDTvIfqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2