16692abb2f539d74b7334c2ef903b21de41f1fb2107eec8bae2d8e57c224f338 | Triage

Sharing

General

Target

68884c6db3799319d6e7cd6e3b9431cf_JaffaCakes118
Size

19KB
Sample

240723-v2f75a1dlm
MD5

68884c6db3799319d6e7cd6e3b9431cf
SHA1

f2b8ae45fce4895362ff4b18339de5f9f942ccd7
SHA256

16692abb2f539d74b7334c2ef903b21de41f1fb2107eec8bae2d8e57c224f338
SHA512

4941bc66445d316c59fc9a8fe9482aeab60eff22a11e5d76f5800d80e106aaca6339bbfb6872712ee9b77493e708b320b3ab668b40144674fc6e95987d259bd3
SSDEEP

384:tM2vDSnnNB+Nv2rYD01IOc239d8lxkRKuj2l0Or6rrFILlVeiwAdr8:O2OnnNQNv2UD8IOc6v8lxkRLjo0PrFVP

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  68884c6db3799319d6e7cd6e3b9431cf_JaffaCakes118
- Size
  
  19KB
- MD5
  
  68884c6db3799319d6e7cd6e3b9431cf
- SHA1
  
  f2b8ae45fce4895362ff4b18339de5f9f942ccd7
- SHA256
  
  16692abb2f539d74b7334c2ef903b21de41f1fb2107eec8bae2d8e57c224f338
- SHA512
  
  4941bc66445d316c59fc9a8fe9482aeab60eff22a11e5d76f5800d80e106aaca6339bbfb6872712ee9b77493e708b320b3ab668b40144674fc6e95987d259bd3
- SSDEEP
  
  384:tM2vDSnnNB+Nv2rYD01IOc239d8lxkRKuj2l0Or6rrFILlVeiwAdr8:O2OnnNQNv2UD8IOc6v8lxkRLjo0PrFVP
Score

7^/10

defense_evasion discovery
- Deletes itself
- Loads dropped DLL
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasiondiscovery