b0ed2c857e16dc73cb43948b6a476b4352ec93822b6429081e55e34ffd797d4e | Triage

Sharing

General

Target

69391376e609f6686d1fac56553c1848_JaffaCakes118
Size

8KB
Sample

240523-bdbsysff7v
MD5

69391376e609f6686d1fac56553c1848
SHA1

55f1caad9b30ae6ee22eb99756cffbbe87e64e9e
SHA256

b0ed2c857e16dc73cb43948b6a476b4352ec93822b6429081e55e34ffd797d4e
SHA512

3fe8d1137c2f052a89a79c990571492ebbfb2f550ed4a6a00995043e312db6796eb419cb98155852971c84c77a40539aea1feeec35b5675e4e219730265a801e
SSDEEP

48:Mp54iWuckUmjNHDxEXBLsKSm3OZhZLuah23ww9WGvigm3qN:MwuFpzEKa8M5WGviFaN

Score

10^/10

Malware Config

Extracted

Language

hta

Source

URLs

hta.dropper

http://woffice365.000webhostapp.com/Windows%20Start-Up%20Application.hta

Targets

- Target
  
  69391376e609f6686d1fac56553c1848_JaffaCakes118
- Size
  
  8KB
- MD5
  
  69391376e609f6686d1fac56553c1848
- SHA1
  
  55f1caad9b30ae6ee22eb99756cffbbe87e64e9e
- SHA256
  
  b0ed2c857e16dc73cb43948b6a476b4352ec93822b6429081e55e34ffd797d4e
- SHA512
  
  3fe8d1137c2f052a89a79c990571492ebbfb2f550ed4a6a00995043e312db6796eb419cb98155852971c84c77a40539aea1feeec35b5675e4e219730265a801e
- SSDEEP
  
  48:Mp54iWuckUmjNHDxEXBLsKSm3OZhZLuah23ww9WGvigm3qN:MwuFpzEKa8M5WGviFaN
Score

10^/10
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Exploitation for Client Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2