63cad6009304b4967635601726d02575c6473e4e76e3277e4ad0b2d01d9d67d5 | Triage

Sharing

General

Target

c870014d4b0e28f96f3001fc9ec032a0_JaffaCakes118
Size

777KB
Sample

240829-jc1ppasbml
MD5

c870014d4b0e28f96f3001fc9ec032a0
SHA1

781a0343aa696ec16eb31a839538c0fe157954b9
SHA256

63cad6009304b4967635601726d02575c6473e4e76e3277e4ad0b2d01d9d67d5
SHA512

e2ce7b78e3f19a7a4973f370fa4f864a55727a38c064a9df9dc3c8b68ce975d7011a4765f0832900428f13fb351805db9b4cecc8163aad77d6aace9cd81de1db
SSDEEP

12288:nFv7xuWq5+8oXCa6vAm6AzPF3W8as5smuPwE8/ubnpNDdIhODYcUkX+y4D:FzvYoXgnzp3W8as5FzErpNDdqcX1Q

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  c870014d4b0e28f96f3001fc9ec032a0_JaffaCakes118
- Size
  
  777KB
- MD5
  
  c870014d4b0e28f96f3001fc9ec032a0
- SHA1
  
  781a0343aa696ec16eb31a839538c0fe157954b9
- SHA256
  
  63cad6009304b4967635601726d02575c6473e4e76e3277e4ad0b2d01d9d67d5
- SHA512
  
  e2ce7b78e3f19a7a4973f370fa4f864a55727a38c064a9df9dc3c8b68ce975d7011a4765f0832900428f13fb351805db9b4cecc8163aad77d6aace9cd81de1db
- SSDEEP
  
  12288:nFv7xuWq5+8oXCa6vAm6AzPF3W8as5smuPwE8/ubnpNDdIhODYcUkX+y4D:FzvYoXgnzp3W8as5FzErpNDdqcX1Q
Score

8^/10

discovery
- Blocklisted process makes network request
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2