56092afde17b0a37371eaa55f0066312fa7b6a5987f958d65b5687ebd3668c04 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fce146004a31da9bfdc95fbd7300eeca_JaffaCakes118
Size

385KB
Sample

240420-qv9tmshh23
MD5

fce146004a31da9bfdc95fbd7300eeca
SHA1

059c2a31eed4b30daee512845bf5aebb3f7c1e76
SHA256

56092afde17b0a37371eaa55f0066312fa7b6a5987f958d65b5687ebd3668c04
SHA512

b26e7db9220bebfc1f9c70815fb77f4316736cea913feb3a9a6b68aa2cfb401895520f064a2a8d3dcce61babc6cc7a8ecd85f52440074da8349f4139918358bf
SSDEEP

6144:DKeeI5LrPd8zff+252gklZxISbtiS2/FrV5v91Ug0Mmu6bv4jKvizYqTXdPT8B:DsI5LruC252DnIldrOicqOB

Score

7^/10

Malware Config

Targets

- Target
  
  fce146004a31da9bfdc95fbd7300eeca_JaffaCakes118
- Size
  
  385KB
- MD5
  
  fce146004a31da9bfdc95fbd7300eeca
- SHA1
  
  059c2a31eed4b30daee512845bf5aebb3f7c1e76
- SHA256
  
  56092afde17b0a37371eaa55f0066312fa7b6a5987f958d65b5687ebd3668c04
- SHA512
  
  b26e7db9220bebfc1f9c70815fb77f4316736cea913feb3a9a6b68aa2cfb401895520f064a2a8d3dcce61babc6cc7a8ecd85f52440074da8349f4139918358bf
- SSDEEP
  
  6144:DKeeI5LrPd8zff+252gklZxISbtiS2/FrV5v91Ug0Mmu6bv4jKvizYqTXdPT8B:DsI5LruC252DnIldrOicqOB
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2