af64311e861906c7b7e74be69f2be68cdcbf918508a55f1b1be83b36d6c3f27e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0bb944e26cce95f8803fdd9c47ef3249_JaffaCakes118
Size

340KB
Sample

241002-vqvw5sxfnp
MD5

0bb944e26cce95f8803fdd9c47ef3249
SHA1

3adf9e3e44fd106dd97b1d5cefff821d0b7ef583
SHA256

af64311e861906c7b7e74be69f2be68cdcbf918508a55f1b1be83b36d6c3f27e
SHA512

67efd93f3a284b159f89f4ba87bf6928657e74c2f151da8db079922d7d7dc378b11966e2c1b90e3b5cb9d6145b81cca20ad8dea38905d9c5bff52556c529b061
SSDEEP

3072:RYOD6ZcHxrlZiOOFykJiMKCHztM9L7a73LdJyIrPRny05+xJDOIfhRuwnd45Gb4J:b6ZoZigknq277BBAROIJH4uGyY

Score

8^/10

discovery evasion

Malware Config

Targets

- Target
  
  0bb944e26cce95f8803fdd9c47ef3249_JaffaCakes118
- Size
  
  340KB
- MD5
  
  0bb944e26cce95f8803fdd9c47ef3249
- SHA1
  
  3adf9e3e44fd106dd97b1d5cefff821d0b7ef583
- SHA256
  
  af64311e861906c7b7e74be69f2be68cdcbf918508a55f1b1be83b36d6c3f27e
- SHA512
  
  67efd93f3a284b159f89f4ba87bf6928657e74c2f151da8db079922d7d7dc378b11966e2c1b90e3b5cb9d6145b81cca20ad8dea38905d9c5bff52556c529b061
- SSDEEP
  
  3072:RYOD6ZcHxrlZiOOFykJiMKCHztM9L7a73LdJyIrPRny05+xJDOIfhRuwnd45Gb4J:b6ZoZigknq277BBAROIJH4uGyY
Score

8^/10

discovery evasion
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion