353fd2565731776f26026928516e5de69e0a696131b6c7294f2218fec0abbabc | Triage

Sharing

General

Target

2554d31d482ccd88f0595bf6d2d9e060_JaffaCakes118
Size

37KB
Sample

241008-zqv95azbma
MD5

2554d31d482ccd88f0595bf6d2d9e060
SHA1

c7184bf7af3ff41f0f81f5d1f2464d9b2c2691ae
SHA256

353fd2565731776f26026928516e5de69e0a696131b6c7294f2218fec0abbabc
SHA512

0bbf9c95889ebc6f51275e51a43e59736702553068fb9f280143cefd48a35ed32572f0e1e9f3dba0ff5fbccd70719a2648eff7e55107f5ba522f6b65e7732afb
SSDEEP

768:0MFTQlLZanIHjy9boWJPUvz61/c1udKcGNyGd5jz8P:0MwtanIHjJWJcrMc1udKjNyGQ

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2554d31d482ccd88f0595bf6d2d9e060_JaffaCakes118
- Size
  
  37KB
- MD5
  
  2554d31d482ccd88f0595bf6d2d9e060
- SHA1
  
  c7184bf7af3ff41f0f81f5d1f2464d9b2c2691ae
- SHA256
  
  353fd2565731776f26026928516e5de69e0a696131b6c7294f2218fec0abbabc
- SHA512
  
  0bbf9c95889ebc6f51275e51a43e59736702553068fb9f280143cefd48a35ed32572f0e1e9f3dba0ff5fbccd70719a2648eff7e55107f5ba522f6b65e7732afb
- SSDEEP
  
  768:0MFTQlLZanIHjy9boWJPUvz61/c1udKcGNyGd5jz8P:0MwtanIHjJWJcrMc1udKjNyGQ
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2