b94df8bbdd72e9b935b14dd2de7746179ecf2864fd3f6ba8c51888e55d41cece | Triage

Sharing

General

Target

00f623bfb36a253403669fc4dec5f791_JaffaCakes118
Size

98KB
Sample

240930-m2c7ga1emp
MD5

00f623bfb36a253403669fc4dec5f791
SHA1

67fd817afb56cf19571f688ebf76143cdded1c3d
SHA256

b94df8bbdd72e9b935b14dd2de7746179ecf2864fd3f6ba8c51888e55d41cece
SHA512

5b505acbca9594a5b6f01cce77a4b004faeddc679c7c9712894bd74232f6a5351c3ebe2e0f89011e5bf1728d28b819f6c3922850b24bc2d0e0a7fa1a8ba779c7
SSDEEP

1536:sxxxxENLxrgxFtVwM8jIT+M0mTsbaP6hjSszg/jAyOWVbrzQ7ITkbA2syfshtcJt:eVaWVbrzQ7ITkZXimJtXw1d

Score

10^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  00f623bfb36a253403669fc4dec5f791_JaffaCakes118
- Size
  
  98KB
- MD5
  
  00f623bfb36a253403669fc4dec5f791
- SHA1
  
  67fd817afb56cf19571f688ebf76143cdded1c3d
- SHA256
  
  b94df8bbdd72e9b935b14dd2de7746179ecf2864fd3f6ba8c51888e55d41cece
- SHA512
  
  5b505acbca9594a5b6f01cce77a4b004faeddc679c7c9712894bd74232f6a5351c3ebe2e0f89011e5bf1728d28b819f6c3922850b24bc2d0e0a7fa1a8ba779c7
- SSDEEP
  
  1536:sxxxxENLxrgxFtVwM8jIT+M0mTsbaP6hjSszg/jAyOWVbrzQ7ITkbA2syfshtcJt:eVaWVbrzQ7ITkZXimJtXw1d
Score

10^/10

defense_evasion discovery
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Deletes itself
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Indicator Removal

File Deletion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasion