668ce0c1cb9b53b9d86714fc3bf48ef4c4b623244b21c0b4c418244a4ea5abe5 | Triage

Sharing

General

Target

eaa7dab76ed6306409d4f1c4223de987_JaffaCakes118
Size

248KB
Sample

240919-fy6laasepc
MD5

eaa7dab76ed6306409d4f1c4223de987
SHA1

1edfaa87059d62e1d64bf6fee1ab997f5d4835d0
SHA256

668ce0c1cb9b53b9d86714fc3bf48ef4c4b623244b21c0b4c418244a4ea5abe5
SHA512

ef1d0b6c3278abfc5b28e22cf7e1e0d4329439ac011ded1daf19eec3e52a5c6e82f0c3ca5031dd6f4286d3199696769f90e12a7a6036dce5d5b3decd4940692b
SSDEEP

3072:pQYnYfB/uo4k72ciWLJdVyAtbjpOCXH2YdM6J7NmtnMJ2lmU:pQYsB/uEPNaAtbj9H2YdldNUMUlmU

Score

8^/10

discovery evasion execution persistence

Malware Config

Targets

- Target
  
  eaa7dab76ed6306409d4f1c4223de987_JaffaCakes118
- Size
  
  248KB
- MD5
  
  eaa7dab76ed6306409d4f1c4223de987
- SHA1
  
  1edfaa87059d62e1d64bf6fee1ab997f5d4835d0
- SHA256
  
  668ce0c1cb9b53b9d86714fc3bf48ef4c4b623244b21c0b4c418244a4ea5abe5
- SHA512
  
  ef1d0b6c3278abfc5b28e22cf7e1e0d4329439ac011ded1daf19eec3e52a5c6e82f0c3ca5031dd6f4286d3199696769f90e12a7a6036dce5d5b3decd4940692b
- SSDEEP
  
  3072:pQYnYfB/uo4k72ciWLJdVyAtbjpOCXH2YdM6J7NmtnMJ2lmU:pQYsB/uEPNaAtbj9H2YdldNUMUlmU
Score

8^/10

discovery evasion execution persistence
- Creates new service(s)
  persistence execution
- Stops running service(s)
  evasion execution
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

System Services

Service Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

discoveryevasionexecutionpersistence

behavioral2

discoveryevasionexecutionpersistence