6490e08dbee2122629cbaa1aaa70fd33405d8c4d781ee3c157662c5b44c2cd96 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f98cb8fd662ece94ce4356d3c9ac363a_JaffaCakes118
Size

907KB
Sample

240419-fhmhgaad31
MD5

f98cb8fd662ece94ce4356d3c9ac363a
SHA1

fd6822664e8f1ddc0ce9b138923a57628192b653
SHA256

6490e08dbee2122629cbaa1aaa70fd33405d8c4d781ee3c157662c5b44c2cd96
SHA512

674edea13ece873dffe1ef8483bd9b7ac7cfee997f87da5fdff53c97a4fc745a0546abd7eef775598b28fc90595533bcf1af7ad132f3297085c66aa7ea8c8058
SSDEEP

12288:AvYHhe8Q2fmW1mYzK/4D2/oeJSx7sb5IMtF6NPQLDLp+3qYDL+jVDa/ZS1:iYbtRKm26o5Z6NPhzDLsa/ZS1

Score

7^/10

Malware Config

Targets

- Target
  
  f98cb8fd662ece94ce4356d3c9ac363a_JaffaCakes118
- Size
  
  907KB
- MD5
  
  f98cb8fd662ece94ce4356d3c9ac363a
- SHA1
  
  fd6822664e8f1ddc0ce9b138923a57628192b653
- SHA256
  
  6490e08dbee2122629cbaa1aaa70fd33405d8c4d781ee3c157662c5b44c2cd96
- SHA512
  
  674edea13ece873dffe1ef8483bd9b7ac7cfee997f87da5fdff53c97a4fc745a0546abd7eef775598b28fc90595533bcf1af7ad132f3297085c66aa7ea8c8058
- SSDEEP
  
  12288:AvYHhe8Q2fmW1mYzK/4D2/oeJSx7sb5IMtF6NPQLDLp+3qYDL+jVDa/ZS1:iYbtRKm26o5Z6NPhzDLsa/ZS1
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2