2c2b54b1e88ca705c1e91c6c0eb875e19a112548cc8c1e4f4da7f6ff6cc2321a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f494ca9b22feffc8c28e7424df9391ec_JaffaCakes118
Size

385KB
Sample

240416-3nar7ahc2y
MD5

f494ca9b22feffc8c28e7424df9391ec
SHA1

6c72b83a73aaea2c97bcf00605466713af5659d0
SHA256

2c2b54b1e88ca705c1e91c6c0eb875e19a112548cc8c1e4f4da7f6ff6cc2321a
SHA512

d56674d29588d27f26550b1d41ec4ad322b2c1ea521b95db7e43f5aee810ca8e83301fd4b12dd0f2f7051953776423982c8acbf69fe7d886dd82933ced7a9fbf
SSDEEP

12288:YtRNLFfjtxb4bzHSU+zbnZv7gWhKxeSA10rLYmYsvrexw8YQKVB:YpLFrroHW+nxebmJVviG8YQ2B

Score

7^/10

Malware Config

Targets

- Target
  
  f494ca9b22feffc8c28e7424df9391ec_JaffaCakes118
- Size
  
  385KB
- MD5
  
  f494ca9b22feffc8c28e7424df9391ec
- SHA1
  
  6c72b83a73aaea2c97bcf00605466713af5659d0
- SHA256
  
  2c2b54b1e88ca705c1e91c6c0eb875e19a112548cc8c1e4f4da7f6ff6cc2321a
- SHA512
  
  d56674d29588d27f26550b1d41ec4ad322b2c1ea521b95db7e43f5aee810ca8e83301fd4b12dd0f2f7051953776423982c8acbf69fe7d886dd82933ced7a9fbf
- SSDEEP
  
  12288:YtRNLFfjtxb4bzHSU+zbnZv7gWhKxeSA10rLYmYsvrexw8YQKVB:YpLFrroHW+nxebmJVviG8YQ2B
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2