cc8d10884595d6eeeec737482466c6eb2c67564a95dc332c06825cf8a70d8a43 | Triage

Sharing

General

Target

f11351188c17bb3de23b64f2a9fffaf3_JaffaCakes118
Size

385KB
Sample

240415-pvta8agg9x
MD5

f11351188c17bb3de23b64f2a9fffaf3
SHA1

6913c823d408a2f41d3f0014280aa5cb712423d1
SHA256

cc8d10884595d6eeeec737482466c6eb2c67564a95dc332c06825cf8a70d8a43
SHA512

cf0f1ac202f1de1bbfa04a0b5d0fc5414ea83c1812965b7e03eef052452a246a47e2e7184f6bba328fd1790b03f7ae7098e1e444c5a6c3c0ba291c65f5ff28da
SSDEEP

12288:a3xnuo7Nq2kVadGWQJLkiOONbjFRBTisyvvB:kPgVahk2yjF7IXB

Score

7^/10

Malware Config

Targets

- Target
  
  f11351188c17bb3de23b64f2a9fffaf3_JaffaCakes118
- Size
  
  385KB
- MD5
  
  f11351188c17bb3de23b64f2a9fffaf3
- SHA1
  
  6913c823d408a2f41d3f0014280aa5cb712423d1
- SHA256
  
  cc8d10884595d6eeeec737482466c6eb2c67564a95dc332c06825cf8a70d8a43
- SHA512
  
  cf0f1ac202f1de1bbfa04a0b5d0fc5414ea83c1812965b7e03eef052452a246a47e2e7184f6bba328fd1790b03f7ae7098e1e444c5a6c3c0ba291c65f5ff28da
- SSDEEP
  
  12288:a3xnuo7Nq2kVadGWQJLkiOONbjFRBTisyvvB:kPgVahk2yjF7IXB
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2