e62f5386990715dbcbc8362669e71bad3031820ed3ad90bef92544b5990a9402 | Triage

Sharing

General

Target

f5e2dec5faefc56c21d35c2ef3d8ce46_JaffaCakes118
Size

136KB
Sample

240925-nct95avhrb
MD5

f5e2dec5faefc56c21d35c2ef3d8ce46
SHA1

266b0c06bc27b9deb851b1d5c306b311f97aa67b
SHA256

e62f5386990715dbcbc8362669e71bad3031820ed3ad90bef92544b5990a9402
SHA512

e5615ec11f93bee468a92617d99d2ea2dc4bf18c1b01b83c2b6799743531b10e78d8e0d16409f60ae521aab46d0980a4ba68f5e3a2ebaf3e59d3e97c98d93fe7
SSDEEP

1536:5e0ta0vY5ZXFCx1qtegQza2o6rXaY+9HBxKWKF93kqe47sUC1vZngSls+:40A0vSqx1qtegd6jSBTKF9VbQlngss

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  f5e2dec5faefc56c21d35c2ef3d8ce46_JaffaCakes118
- Size
  
  136KB
- MD5
  
  f5e2dec5faefc56c21d35c2ef3d8ce46
- SHA1
  
  266b0c06bc27b9deb851b1d5c306b311f97aa67b
- SHA256
  
  e62f5386990715dbcbc8362669e71bad3031820ed3ad90bef92544b5990a9402
- SHA512
  
  e5615ec11f93bee468a92617d99d2ea2dc4bf18c1b01b83c2b6799743531b10e78d8e0d16409f60ae521aab46d0980a4ba68f5e3a2ebaf3e59d3e97c98d93fe7
- SSDEEP
  
  1536:5e0ta0vY5ZXFCx1qtegQza2o6rXaY+9HBxKWKF93kqe47sUC1vZngSls+:40A0vSqx1qtegd6jSBTKF9VbQlngss
Score

7^/10

defense_evasion discovery
- Deletes itself
- Executes dropped EXE
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasiondiscovery