49fd5528a34afb4d27f8d32d6ff1b3e57f27c3ce76bba3ecdcab1a63c0b6e884 | Triage

Sharing

General

Target

fa765731be430069365ac472c4cb7666_JaffaCakes118
Size

907KB
Sample

240419-relbsafb6y
MD5

fa765731be430069365ac472c4cb7666
SHA1

02f12073f2a3a5075e9d5d9246400cd4b2540747
SHA256

49fd5528a34afb4d27f8d32d6ff1b3e57f27c3ce76bba3ecdcab1a63c0b6e884
SHA512

a0e2117919c0b1efc36558341ae252453cd8dce82435fa47ee311aed25445e585521c6773d2dcb400225ba223641d3894b86b85b3a619a77b226f4e3c2d8443a
SSDEEP

12288:4ECKEuddgbWjMa4tCv/4GGfR8zGe6rHVk3r2GX1aAfbni2oMYR9FjVDa/ZS1:4igbm0tCvOR8h6pk7HX0An2ZD7a/ZS1

Score

7^/10

Malware Config

Targets

- Target
  
  fa765731be430069365ac472c4cb7666_JaffaCakes118
- Size
  
  907KB
- MD5
  
  fa765731be430069365ac472c4cb7666
- SHA1
  
  02f12073f2a3a5075e9d5d9246400cd4b2540747
- SHA256
  
  49fd5528a34afb4d27f8d32d6ff1b3e57f27c3ce76bba3ecdcab1a63c0b6e884
- SHA512
  
  a0e2117919c0b1efc36558341ae252453cd8dce82435fa47ee311aed25445e585521c6773d2dcb400225ba223641d3894b86b85b3a619a77b226f4e3c2d8443a
- SSDEEP
  
  12288:4ECKEuddgbWjMa4tCv/4GGfR8zGe6rHVk3r2GX1aAfbni2oMYR9FjVDa/ZS1:4igbm0tCvOR8h6pk7HX0An2ZD7a/ZS1
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2