b6b6d0bca3f8e8f360eef0a3eb3368a61a94a9534a5bfec589b4d12a0b2d62d0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd49a9d34c3c4a331634d522c43d823b_JaffaCakes118
Size

385KB
Sample

240420-wc5pvsed5s
MD5

fd49a9d34c3c4a331634d522c43d823b
SHA1

7851fbe5133c8db94c6a15aefe2db45ff0eb1151
SHA256

b6b6d0bca3f8e8f360eef0a3eb3368a61a94a9534a5bfec589b4d12a0b2d62d0
SHA512

c6f6a1439f0342e5b423feb0b6670451407c86b1399b4a50ecc5d6119ccfe83492b78052e84c5a41c26696319943c7faae34e4c8c934d2d7438a21e26e07e2a0
SSDEEP

6144:7JDBDfqcEB1AjzthP0Fkcf8VC82SZT5jVNfv1D0zi2yzGB:11epAzYe1t2SZT5jVhvki2lB

Score

7^/10

Malware Config

Targets

- Target
  
  fd49a9d34c3c4a331634d522c43d823b_JaffaCakes118
- Size
  
  385KB
- MD5
  
  fd49a9d34c3c4a331634d522c43d823b
- SHA1
  
  7851fbe5133c8db94c6a15aefe2db45ff0eb1151
- SHA256
  
  b6b6d0bca3f8e8f360eef0a3eb3368a61a94a9534a5bfec589b4d12a0b2d62d0
- SHA512
  
  c6f6a1439f0342e5b423feb0b6670451407c86b1399b4a50ecc5d6119ccfe83492b78052e84c5a41c26696319943c7faae34e4c8c934d2d7438a21e26e07e2a0
- SSDEEP
  
  6144:7JDBDfqcEB1AjzthP0Fkcf8VC82SZT5jVNfv1D0zi2yzGB:11epAzYe1t2SZT5jVhvki2lB
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2