31d5d25096edfc92a96c2655ecd0993d940b375b0f3b08d799c0726a1d541701 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f89a04076b5aedef3250eb6c249f7a15_JaffaCakes118
Size

385KB
Sample

240418-x4seaadh2x
MD5

f89a04076b5aedef3250eb6c249f7a15
SHA1

20902406d2c3f5cf6f06fb3ca4b21a5288e023cc
SHA256

31d5d25096edfc92a96c2655ecd0993d940b375b0f3b08d799c0726a1d541701
SHA512

4993fa01ad9133138ae4ceb4f4083bfc4c75b1917e69400ab7043604b4548fed241b6c505d693093bbaba91bbe9fa369dd36d8592d0d1f59fbc3b981afe04779
SSDEEP

6144:4xO4GclbaTgFbAPfjzBACx3RsdJpL390i+mGj+/YeHcBahPHsB:4/GclbasqAYsvJ90iXG6YeHcBahkB

Score

7^/10

Malware Config

Targets

- Target
  
  f89a04076b5aedef3250eb6c249f7a15_JaffaCakes118
- Size
  
  385KB
- MD5
  
  f89a04076b5aedef3250eb6c249f7a15
- SHA1
  
  20902406d2c3f5cf6f06fb3ca4b21a5288e023cc
- SHA256
  
  31d5d25096edfc92a96c2655ecd0993d940b375b0f3b08d799c0726a1d541701
- SHA512
  
  4993fa01ad9133138ae4ceb4f4083bfc4c75b1917e69400ab7043604b4548fed241b6c505d693093bbaba91bbe9fa369dd36d8592d0d1f59fbc3b981afe04779
- SSDEEP
  
  6144:4xO4GclbaTgFbAPfjzBACx3RsdJpL390i+mGj+/YeHcBahPHsB:4/GclbasqAYsvJ90iXG6YeHcBahkB
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2