2b29b8dc58d34dcb8d51866500f7f8d74772131f0b7c3eaca6dea38f44cec93f | Triage

Sharing

General

Target

866090625ae8b4e4ece04f8fd21c0fab_JaffaCakes118
Size

100KB
Sample

240810-rkcltsxbjg
MD5

866090625ae8b4e4ece04f8fd21c0fab
SHA1

28b31cd717e82d5bca63d1e3cc72dc597c4bbf8d
SHA256

2b29b8dc58d34dcb8d51866500f7f8d74772131f0b7c3eaca6dea38f44cec93f
SHA512

ea236354b0a3984221ba219cb838d052dc6cf8133372b1c3e7d136e73860cab2162bf596f41707134f12c6d77b7950905c7a25c81bddc740692bb83800cfced0
SSDEEP

768:bkGzppvCpmTeRQxYzmhss8mvlooLK/OkGzppgBT+b5cNxu1S:gGzpQp+Yw98mpuGzpWBT+cNxF

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  866090625ae8b4e4ece04f8fd21c0fab_JaffaCakes118
- Size
  
  100KB
- MD5
  
  866090625ae8b4e4ece04f8fd21c0fab
- SHA1
  
  28b31cd717e82d5bca63d1e3cc72dc597c4bbf8d
- SHA256
  
  2b29b8dc58d34dcb8d51866500f7f8d74772131f0b7c3eaca6dea38f44cec93f
- SHA512
  
  ea236354b0a3984221ba219cb838d052dc6cf8133372b1c3e7d136e73860cab2162bf596f41707134f12c6d77b7950905c7a25c81bddc740692bb83800cfced0
- SSDEEP
  
  768:bkGzppvCpmTeRQxYzmhss8mvlooLK/OkGzppgBT+b5cNxu1S:gGzpQp+Yw98mpuGzpWBT+cNxF
Score

7^/10

defense_evasion discovery
- Deletes itself
- Loads dropped DLL
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasiondiscovery