f2bcb5fbbae1038fb19eca907dc8a966ccec740c79c19a80f7e1f5be4d2fdf40 | Triage

Sharing

General

Target

f20a05a07a5991ca6a0e206e64db2117_JaffaCakes118
Size

385KB
Sample

240415-13b8fsbf8v
MD5

f20a05a07a5991ca6a0e206e64db2117
SHA1

a627e3b4073bb83d93ce6f50ef118ec9dc2e4209
SHA256

f2bcb5fbbae1038fb19eca907dc8a966ccec740c79c19a80f7e1f5be4d2fdf40
SHA512

c457003d3f49b46f2f10a7dfb01e57dd6dec582c000ae77750a4c2152416fc53183c80387c9ca9c6f83da59ebcb2cb2590077f06b4bcb656376a9c22cc13d94d
SSDEEP

12288:dZR9j8b5EEHG9kUrVleKAT6QDViCAQfgC8B:PR94+Osz1yDViCAoV8B

Score

7^/10

Malware Config

Targets

- Target
  
  f20a05a07a5991ca6a0e206e64db2117_JaffaCakes118
- Size
  
  385KB
- MD5
  
  f20a05a07a5991ca6a0e206e64db2117
- SHA1
  
  a627e3b4073bb83d93ce6f50ef118ec9dc2e4209
- SHA256
  
  f2bcb5fbbae1038fb19eca907dc8a966ccec740c79c19a80f7e1f5be4d2fdf40
- SHA512
  
  c457003d3f49b46f2f10a7dfb01e57dd6dec582c000ae77750a4c2152416fc53183c80387c9ca9c6f83da59ebcb2cb2590077f06b4bcb656376a9c22cc13d94d
- SSDEEP
  
  12288:dZR9j8b5EEHG9kUrVleKAT6QDViCAQfgC8B:PR94+Osz1yDViCAoV8B
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2