322edc95a93acd395669d12412331ebd1896b06e176cb2e329911dd37d843536 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

65b9c4dac244e7fbfc6eb15b55534f83_JaffaCakes118
Size

1.1MB
Sample

240723-chxrnasarr
MD5

65b9c4dac244e7fbfc6eb15b55534f83
SHA1

5071b41fb61713f2664bee5a7f19a11f0e54db10
SHA256

322edc95a93acd395669d12412331ebd1896b06e176cb2e329911dd37d843536
SHA512

eef3cfcc0e74ddd6dc19530ef94d33579e8853c7ddcb5b3a53258a517d9fe158eab4b6b6f7090ca5e50d74c08364c9ac93e1a41013a8aa92c282aac381c09253
SSDEEP

6144:6cib7oQjnUXD8yIg6436vawG0zzcuJho7:pib7FUXD89YuzNG7

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  65b9c4dac244e7fbfc6eb15b55534f83_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  65b9c4dac244e7fbfc6eb15b55534f83
- SHA1
  
  5071b41fb61713f2664bee5a7f19a11f0e54db10
- SHA256
  
  322edc95a93acd395669d12412331ebd1896b06e176cb2e329911dd37d843536
- SHA512
  
  eef3cfcc0e74ddd6dc19530ef94d33579e8853c7ddcb5b3a53258a517d9fe158eab4b6b6f7090ca5e50d74c08364c9ac93e1a41013a8aa92c282aac381c09253
- SSDEEP
  
  6144:6cib7oQjnUXD8yIg6436vawG0zzcuJho7:pib7FUXD89YuzNG7
Score

10^/10

evasion
- Modifies security service
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2