4fc065352dca3d0cce4677396669b1a9558836324bd6dcebe4439d3768bfec75 | Triage

Sharing

General

Target

ef780dcbdf40323e7a6601b4324f2ee2_JaffaCakes118
Size

53KB
Sample

240921-k2rzhsvamd
MD5

ef780dcbdf40323e7a6601b4324f2ee2
SHA1

eaee585ed014b36805954f1f9bbab6d884b43605
SHA256

4fc065352dca3d0cce4677396669b1a9558836324bd6dcebe4439d3768bfec75
SHA512

4e0e95e2553d86b7786c7c77a8ff3acdaa7dc5783c0be0f109f8cdeec94b5cb144fe7a0f6bc05a992cab5bb30ccc454d9dc5c3d42e1ae9b5f2b55daa4a0326e2
SSDEEP

1536:I3SkgxVktwT7hxvbgCn7x0Vz6PGibYILO:IZgfTDcCnGOBL

Score

8^/10

defense_evasion discovery persistence

Malware Config

Targets

- Target
  
  ef780dcbdf40323e7a6601b4324f2ee2_JaffaCakes118
- Size
  
  53KB
- MD5
  
  ef780dcbdf40323e7a6601b4324f2ee2
- SHA1
  
  eaee585ed014b36805954f1f9bbab6d884b43605
- SHA256
  
  4fc065352dca3d0cce4677396669b1a9558836324bd6dcebe4439d3768bfec75
- SHA512
  
  4e0e95e2553d86b7786c7c77a8ff3acdaa7dc5783c0be0f109f8cdeec94b5cb144fe7a0f6bc05a992cab5bb30ccc454d9dc5c3d42e1ae9b5f2b55daa4a0326e2
- SSDEEP
  
  1536:I3SkgxVktwT7hxvbgCn7x0Vz6PGibYILO:IZgfTDcCnGOBL
Score

8^/10

defense_evasion discovery persistence
- Event Triggered Execution: Image File Execution Options Injection
  persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Image File Execution Options Injection

Privilege Escalation

Event Triggered Execution

Image File Execution Options Injection

Defense Evasion

Indicator Removal

File Deletion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoverypersistence

behavioral2

defense_evasiondiscoverypersistence