a4c4e6cb3325d9333bc14659b1bca8dcfcc346d9f60a17965cbe43a8629fa8b7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f5e8fcd73b499dfa5482c353e79119f0_JaffaCakes118
Size

200KB
Sample

240417-q1jveabg2s
MD5

f5e8fcd73b499dfa5482c353e79119f0
SHA1

015a3c96515fe964bca32a4aa5e4c4f0608a142d
SHA256

a4c4e6cb3325d9333bc14659b1bca8dcfcc346d9f60a17965cbe43a8629fa8b7
SHA512

adbe6d0a34d9a21125ea089ead114461ba5e650e95d79e4f0957e286356bf0f5943ad03201ddb1c1a92029bcc7e1a149c6c6945e92a2390476cec789eb99e786
SSDEEP

6144:htLw1flN4zhaWwKWMavVCSB7V0bagM4jB:hav4kWzDa9CSB7Vv4V

Score

6^/10

Malware Config

Targets

- Target
  
  f5e8fcd73b499dfa5482c353e79119f0_JaffaCakes118
- Size
  
  200KB
- MD5
  
  f5e8fcd73b499dfa5482c353e79119f0
- SHA1
  
  015a3c96515fe964bca32a4aa5e4c4f0608a142d
- SHA256
  
  a4c4e6cb3325d9333bc14659b1bca8dcfcc346d9f60a17965cbe43a8629fa8b7
- SHA512
  
  adbe6d0a34d9a21125ea089ead114461ba5e650e95d79e4f0957e286356bf0f5943ad03201ddb1c1a92029bcc7e1a149c6c6945e92a2390476cec789eb99e786
- SSDEEP
  
  6144:htLw1flN4zhaWwKWMavVCSB7V0bagM4jB:hav4kWzDa9CSB7Vv4V
Score

6^/10
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2