d532877314c51b00e787158ef2ea183e3ba8cbd0bc0417904e81ecdd541a0b44 | Triage

Sharing

General

Target

ea780905612f929a37c2dd655a8ddd04_JaffaCakes118
Size

7KB
Sample

240919-dlln8sxfpa
MD5

ea780905612f929a37c2dd655a8ddd04
SHA1

f2f082ac9eb60134e46a5e1e2d8edc3d29863974
SHA256

d532877314c51b00e787158ef2ea183e3ba8cbd0bc0417904e81ecdd541a0b44
SHA512

c348cc5caa85a52e8ee6ec14b7039e2114b34e26e92494460d1fcd38c3d97458413afda18b3930bb7139baf2202d3d51ba8ad0be2bf8748efc5391338d23fac7
SSDEEP

96:JgrLJIPQR9zt91GB6XfQdJi9Ypp91JaJsGjFP3nm6ZuiVbry3VBvmD8Zao:EXR9zNX9YXda95fuCAB4Wao

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  ea780905612f929a37c2dd655a8ddd04_JaffaCakes118
- Size
  
  7KB
- MD5
  
  ea780905612f929a37c2dd655a8ddd04
- SHA1
  
  f2f082ac9eb60134e46a5e1e2d8edc3d29863974
- SHA256
  
  d532877314c51b00e787158ef2ea183e3ba8cbd0bc0417904e81ecdd541a0b44
- SHA512
  
  c348cc5caa85a52e8ee6ec14b7039e2114b34e26e92494460d1fcd38c3d97458413afda18b3930bb7139baf2202d3d51ba8ad0be2bf8748efc5391338d23fac7
- SSDEEP
  
  96:JgrLJIPQR9zt91GB6XfQdJi9Ypp91JaJsGjFP3nm6ZuiVbry3VBvmD8Zao:EXR9zNX9YXda95fuCAB4Wao
Score

7^/10

defense_evasion discovery
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasiondiscovery