bdcee1db0965b2c04d7554c8d1bb20ae2292a3c10ca73c7ba9f73c88cacc5423 | Triage

Sharing

General

Target

ea53316ca4a6d79726fed6b13301e9f9_JaffaCakes118
Size

186KB
Sample

240919-bpdfxstckm
MD5

ea53316ca4a6d79726fed6b13301e9f9
SHA1

912df8af1042901a2b516268ef00544f45dbdc16
SHA256

bdcee1db0965b2c04d7554c8d1bb20ae2292a3c10ca73c7ba9f73c88cacc5423
SHA512

ea5e287754778b1864ec98d48f0ba1c74f88998f0eee6555f23391f5ad8faf53d046a25fd152e11cf0972ca5059f65974f364cdec867ec6aae663f493e4e81c2
SSDEEP

3072:RGtCgmaMLrAcVljHyvQRsFMsuTxbU2gn0AORUGdCbAI:stxQvuisSq0TnCUI

Score

6^/10

Malware Config

Targets

- Target
  
  ea53316ca4a6d79726fed6b13301e9f9_JaffaCakes118
- Size
  
  186KB
- MD5
  
  ea53316ca4a6d79726fed6b13301e9f9
- SHA1
  
  912df8af1042901a2b516268ef00544f45dbdc16
- SHA256
  
  bdcee1db0965b2c04d7554c8d1bb20ae2292a3c10ca73c7ba9f73c88cacc5423
- SHA512
  
  ea5e287754778b1864ec98d48f0ba1c74f88998f0eee6555f23391f5ad8faf53d046a25fd152e11cf0972ca5059f65974f364cdec867ec6aae663f493e4e81c2
- SSDEEP
  
  3072:RGtCgmaMLrAcVljHyvQRsFMsuTxbU2gn0AORUGdCbAI:stxQvuisSq0TnCUI
Score

6^/10
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2