General

  • Target

    65c8ecb559b2ffbf748cdd0744eefb35_JaffaCakes118

  • Size

    737KB

  • Sample

    240522-dh6v1aad3z

  • MD5

    65c8ecb559b2ffbf748cdd0744eefb35

  • SHA1

    c2b687bc799ee75925ddcba627f1270556c4a4d2

  • SHA256

    15a6050dae94af879b4ef098091121126297612c3bd29e6e857cae2926f8326c

  • SHA512

    eb603414117ab2842a09c6c68fd18ac53f2c8b50ace1fa5e55fc6fd2991c34adf0c7ad62eb67bc2e74d2c13d6fd7358d9021c3e5454271c1df813b9430777b43

  • SSDEEP

    12288:FJSj4YQtY7azFF6Ike5ivg82cZNcdkXuUogzIGxhGc9Q2lZ29V4Dri5r2fvsbu8K:FJ/hplwZNcdkygzIGDlX29V4ni5wv8uv

Score
6/10

Malware Config

Targets

    • Target

      Noua comanda de achizitie este atasata.exe

    • Size

      1016KB

    • MD5

      5091fc162ff9ad52daf47aa6b6131b85

    • SHA1

      64604fd28c896f9eba105841d216d41f4d0001a1

    • SHA256

      9302b88f499f05c0b9bc9ab0858c6fae4f1d7d45a648f5e292108b258d757f2a

    • SHA512

      ca5e7af1c48dd10df04a0afa3662e0bbec432e15a48669f9e3af912a7519c61cf14662cf9d07a85a3cae726b34ea18e846bd4eb77e7e8152b51ba1a228b24e62

    • SSDEEP

      12288:KSrVlG/k3LaSj6RvgQ3UyJcYm5OIvc4AC84dlWnVOUWEzQraerDZm+GKO:KUOyLa06SGbmYm5Tv8C8yWnmE8rTtmd

    Score
    6/10
    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Matrix (ATT&CK v13)

Defense Evasion

  • Subvert Trust Controls (T1553): 1

  • Install Root Certificate (T1553.004): 1

  • Modify Registry (T1112): 1

Command and Control

  • Web Service (T1102): 1

Tasks