2f1b108084d42f52d66b448b83eed5ddb8afe720bcf3f3d979fc77cef79c4dbb | Triage

Sharing

General

Target

6911e148a8504af00eb2a56163e02d53_JaffaCakes118
Size

82KB
Sample

240723-1n89mszhnl
MD5

6911e148a8504af00eb2a56163e02d53
SHA1

c11edc01482f0cc4d64f0ed9fedbda4d41100f0b
SHA256

2f1b108084d42f52d66b448b83eed5ddb8afe720bcf3f3d979fc77cef79c4dbb
SHA512

be55032787654ca2d15639b51ac7b8edee4a832d475a82be794a91e2f73695817e8a39796104359bd606f6d2483cf9deaa609a9e42c0b8ae59deb1a273e6bbdd
SSDEEP

1536:J6Zy5fqyo/gANz1s8w8/Y4/uR6cPDgiuW5Z0hl1wjMvSUGRScSQi8YHWOM:Sy5fqEANhvwZKuUcEfl15v7Dvhq

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  6911e148a8504af00eb2a56163e02d53_JaffaCakes118
- Size
  
  82KB
- MD5
  
  6911e148a8504af00eb2a56163e02d53
- SHA1
  
  c11edc01482f0cc4d64f0ed9fedbda4d41100f0b
- SHA256
  
  2f1b108084d42f52d66b448b83eed5ddb8afe720bcf3f3d979fc77cef79c4dbb
- SHA512
  
  be55032787654ca2d15639b51ac7b8edee4a832d475a82be794a91e2f73695817e8a39796104359bd606f6d2483cf9deaa609a9e42c0b8ae59deb1a273e6bbdd
- SSDEEP
  
  1536:J6Zy5fqyo/gANz1s8w8/Y4/uR6cPDgiuW5Z0hl1wjMvSUGRScSQi8YHWOM:Sy5fqEANhvwZKuUcEfl15v7Dvhq
Score

7^/10

defense_evasion discovery
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasiondiscovery