a6d4a8848690b271041299fbd620fb6f49748233cfa42eb365e1b82879aa8169 | Triage

Sharing

General

Target

fe4ba06662186713ed69934e4b9ab5d4_JaffaCakes118
Size

385KB
Sample

240421-drdktahg8s
MD5

fe4ba06662186713ed69934e4b9ab5d4
SHA1

d716d04f37f4eb302e02e5e3f2c447fa875740f7
SHA256

a6d4a8848690b271041299fbd620fb6f49748233cfa42eb365e1b82879aa8169
SHA512

f69e51a0edda67465cafd136e9423cc55070b212209fd2fdcb4b40ea15822b0ee83e0b5e41ea3c030102a57979b6e7ceef75db75835db5b02832cde244f4f299
SSDEEP

12288:5vDbNhgtkDvqo0ZXvgFigFdTr7yFIjAx532FSJBccLXUOXxlPZ1CUB:B/AyWo0REVjTKPB

Score

7^/10

Malware Config

Targets

- Target
  
  fe4ba06662186713ed69934e4b9ab5d4_JaffaCakes118
- Size
  
  385KB
- MD5
  
  fe4ba06662186713ed69934e4b9ab5d4
- SHA1
  
  d716d04f37f4eb302e02e5e3f2c447fa875740f7
- SHA256
  
  a6d4a8848690b271041299fbd620fb6f49748233cfa42eb365e1b82879aa8169
- SHA512
  
  f69e51a0edda67465cafd136e9423cc55070b212209fd2fdcb4b40ea15822b0ee83e0b5e41ea3c030102a57979b6e7ceef75db75835db5b02832cde244f4f299
- SSDEEP
  
  12288:5vDbNhgtkDvqo0ZXvgFigFdTr7yFIjAx532FSJBccLXUOXxlPZ1CUB:B/AyWo0REVjTKPB
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2