74e1305549bc78a9f8d47d2158d69a46ba929bbf4948808607b830cb6c3480ab | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e9c2dda7e86d09ddf89ed7e49144b5c8_JaffaCakes118
Size

165KB
Sample

240918-xfwrssxcna
MD5

e9c2dda7e86d09ddf89ed7e49144b5c8
SHA1

a385021c416bad0c3760cd47f05458bcdd470715
SHA256

74e1305549bc78a9f8d47d2158d69a46ba929bbf4948808607b830cb6c3480ab
SHA512

a7b8e424b92218c881c2c1c9a468c1840bddba4bbcfe05c86e54fa76bb386908160fb7ff17e7d238e9392b4dd0e3aaa2a37715cc7ba84091ffeecc81c96e4ca5
SSDEEP

3072:XGuGuGADrRHQWV/lnyK6CV5v8KiI6Fovv+P/ue579pF7onDQI:nDZ/lnyK6CV50ue56

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  e9c2dda7e86d09ddf89ed7e49144b5c8_JaffaCakes118
- Size
  
  165KB
- MD5
  
  e9c2dda7e86d09ddf89ed7e49144b5c8
- SHA1
  
  a385021c416bad0c3760cd47f05458bcdd470715
- SHA256
  
  74e1305549bc78a9f8d47d2158d69a46ba929bbf4948808607b830cb6c3480ab
- SHA512
  
  a7b8e424b92218c881c2c1c9a468c1840bddba4bbcfe05c86e54fa76bb386908160fb7ff17e7d238e9392b4dd0e3aaa2a37715cc7ba84091ffeecc81c96e4ca5
- SSDEEP
  
  3072:XGuGuGADrRHQWV/lnyK6CV5v8KiI6Fovv+P/ue579pF7onDQI:nDZ/lnyK6CV50ue56
Score

6^/10

discovery
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2