4ddff0e72faff897c076bdbd7e4e085a1486d6b9a8f4bf0d626a0e12d9c3ee96 | Triage

Sharing

General

Target

ed9e4c47089afd54058f4c8be8c4a579_JaffaCakes118
Size

385KB
Sample

240411-rms2ladb57
MD5

ed9e4c47089afd54058f4c8be8c4a579
SHA1

735e35db4e17a2d7b5c703f8ffa91aac53960c00
SHA256

4ddff0e72faff897c076bdbd7e4e085a1486d6b9a8f4bf0d626a0e12d9c3ee96
SHA512

b0c85f60280158529a8a7cb34b658e2be49b56b70d87d49aca59d75b752206416a0dab10d038a208f854fb0462edbd3ad5f51fca3b14e1fca69025cc1c69a212
SSDEEP

6144:rUbfHNdzLwsoyrw4lgiwPVLZdMmbDq8yyjS9kcbCk+TTZHLJqHL+ZB6B//iaED3B:kldnw4kmgRVd/bD3Nv08ZrJqHL5oaYB

Score

7^/10

Malware Config

Targets

- Target
  
  ed9e4c47089afd54058f4c8be8c4a579_JaffaCakes118
- Size
  
  385KB
- MD5
  
  ed9e4c47089afd54058f4c8be8c4a579
- SHA1
  
  735e35db4e17a2d7b5c703f8ffa91aac53960c00
- SHA256
  
  4ddff0e72faff897c076bdbd7e4e085a1486d6b9a8f4bf0d626a0e12d9c3ee96
- SHA512
  
  b0c85f60280158529a8a7cb34b658e2be49b56b70d87d49aca59d75b752206416a0dab10d038a208f854fb0462edbd3ad5f51fca3b14e1fca69025cc1c69a212
- SSDEEP
  
  6144:rUbfHNdzLwsoyrw4lgiwPVLZdMmbDq8yyjS9kcbCk+TTZHLJqHL+ZB6B//iaED3B:kldnw4kmgRVd/bD3Nv08ZrJqHL5oaYB
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2