9a625db6cc16ee9ee62cdba9de826cc7a59133df88ea97af9a4c0e5c594f227f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f8918b3a5ebbd22ed6afb6048b24a6a4_JaffaCakes118
Size

385KB
Sample

240418-xq538adc8x
MD5

f8918b3a5ebbd22ed6afb6048b24a6a4
SHA1

cf63a6a769d3fb5605a52551d1cc49396e384778
SHA256

9a625db6cc16ee9ee62cdba9de826cc7a59133df88ea97af9a4c0e5c594f227f
SHA512

560da37f7415da98c4bdb232c94454e310f5e0aa0e77bc207e4bacbec8ddbb5a0b0a8d9cca0369b54d6cc04ad8b6a7550ab0c6840d0a32d8c4948512a6e7f182
SSDEEP

6144:31Il6+oRbtbfetcxVTXcJXQ7OPtUjT2rXc7a+WLGVeNLvWr6/il5B:31SSbfeCxVAJXkYtUjCr0eNLvWDl5B

Score

7^/10

Malware Config

Targets

- Target
  
  f8918b3a5ebbd22ed6afb6048b24a6a4_JaffaCakes118
- Size
  
  385KB
- MD5
  
  f8918b3a5ebbd22ed6afb6048b24a6a4
- SHA1
  
  cf63a6a769d3fb5605a52551d1cc49396e384778
- SHA256
  
  9a625db6cc16ee9ee62cdba9de826cc7a59133df88ea97af9a4c0e5c594f227f
- SHA512
  
  560da37f7415da98c4bdb232c94454e310f5e0aa0e77bc207e4bacbec8ddbb5a0b0a8d9cca0369b54d6cc04ad8b6a7550ab0c6840d0a32d8c4948512a6e7f182
- SSDEEP
  
  6144:31Il6+oRbtbfetcxVTXcJXQ7OPtUjT2rXc7a+WLGVeNLvWr6/il5B:31SSbfeCxVAJXkYtUjCr0eNLvWDl5B
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2