d29e3ab48db1476b4cc7b274688cef510192eeab650ffc1f48100e4c4eeaa38b | Triage

Sharing

General

Target

f327bb3a4c0c8ca4923d22dd1a275536_JaffaCakes118
Size

907KB
Sample

240416-k3pwjsea56
MD5

f327bb3a4c0c8ca4923d22dd1a275536
SHA1

eb266ff76ac33f9fec0da410be75c01e5b28a3b5
SHA256

d29e3ab48db1476b4cc7b274688cef510192eeab650ffc1f48100e4c4eeaa38b
SHA512

41684983e9b2df9373b684e3dd1d91fc73bc78f226db435c18e22e07d8900d5c4d81b263187d5b75eff327063de4467b3c8c2fd93e4d3e69b22b35cb667c67a5
SSDEEP

24576:gMAJTH3XR0xiq6YU2QTWUeCjtmIV8a/ZS1:DSB0u2Y72gS

Score

7^/10

Malware Config

Targets

- Target
  
  f327bb3a4c0c8ca4923d22dd1a275536_JaffaCakes118
- Size
  
  907KB
- MD5
  
  f327bb3a4c0c8ca4923d22dd1a275536
- SHA1
  
  eb266ff76ac33f9fec0da410be75c01e5b28a3b5
- SHA256
  
  d29e3ab48db1476b4cc7b274688cef510192eeab650ffc1f48100e4c4eeaa38b
- SHA512
  
  41684983e9b2df9373b684e3dd1d91fc73bc78f226db435c18e22e07d8900d5c4d81b263187d5b75eff327063de4467b3c8c2fd93e4d3e69b22b35cb667c67a5
- SSDEEP
  
  24576:gMAJTH3XR0xiq6YU2QTWUeCjtmIV8a/ZS1:DSB0u2Y72gS
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2