9b761bc2e27065573fa39fd79c9f2bca47895ac91d4b61ddd438f791cbda6819 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c13735fb1612b83340cffb8196b7ec16_JaffaCakes118
Size

56KB
Sample

240825-vxw3savfpe
MD5

c13735fb1612b83340cffb8196b7ec16
SHA1

aa465129475ee08237faf39900565a3fe7307e84
SHA256

9b761bc2e27065573fa39fd79c9f2bca47895ac91d4b61ddd438f791cbda6819
SHA512

4882a4e3efd11afe10b32f044389b33bfbef296e4e0e20f0194302ab317cf6947e1713172ac4668ef102b96bb2bdaccbef5b298240c93c0892bb2cd6e7d241b4
SSDEEP

768:g9os+KTlDsaMhnL33h2Cgs2oY8JRwRXym4FnFtPgslsMnugqNSCSaNKCSSxcha5:7sbhDGhnDcCgsdY8JcXd4LVgZSCQC2

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  c13735fb1612b83340cffb8196b7ec16_JaffaCakes118
- Size
  
  56KB
- MD5
  
  c13735fb1612b83340cffb8196b7ec16
- SHA1
  
  aa465129475ee08237faf39900565a3fe7307e84
- SHA256
  
  9b761bc2e27065573fa39fd79c9f2bca47895ac91d4b61ddd438f791cbda6819
- SHA512
  
  4882a4e3efd11afe10b32f044389b33bfbef296e4e0e20f0194302ab317cf6947e1713172ac4668ef102b96bb2bdaccbef5b298240c93c0892bb2cd6e7d241b4
- SSDEEP
  
  768:g9os+KTlDsaMhnL33h2Cgs2oY8JRwRXym4FnFtPgslsMnugqNSCSaNKCSSxcha5:7sbhDGhnDcCgsdY8JcXd4LVgZSCQC2
Score

7^/10

defense_evasion discovery
- Deletes itself
- Executes dropped EXE
- Impair Defenses: Safe Mode Boot
  defense_evasion
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Safe Mode Boot

Indicator Removal

File Deletion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasiondiscovery