fcbe422cd0a036961659aabe2af0d909f07c3dcda9bffa3b8ccb54482614ab06 | Triage

Sharing

General

Target

3ac5e263fa5670a50c4ad7060afc7e8f_JaffaCakes118
Size

126KB
Sample

241012-sxxyzaxena
MD5

3ac5e263fa5670a50c4ad7060afc7e8f
SHA1

7d00b96206ff3f1636812d016d504d43cea1a808
SHA256

fcbe422cd0a036961659aabe2af0d909f07c3dcda9bffa3b8ccb54482614ab06
SHA512

a773e6326dbbee1d37a1279ad0a5d12aee8259023378cbde18879ca66cc83acf20cfccd389ecdbe005793560a6f0ea8d8a05dda2dc32b03de8923c5c6060100d
SSDEEP

3072:o/25jvDSgsqsb5Uh28vAbTV1WW69B9VjMdxPedN9ug0z9TBfFSFMHM:Dtzsb5Uh28+V1WW69B9VjMdxPedN9ug5

Score

8^/10

discovery execution

Malware Config

Targets

- Target
  
  3ac5e263fa5670a50c4ad7060afc7e8f_JaffaCakes118
- Size
  
  126KB
- MD5
  
  3ac5e263fa5670a50c4ad7060afc7e8f
- SHA1
  
  7d00b96206ff3f1636812d016d504d43cea1a808
- SHA256
  
  fcbe422cd0a036961659aabe2af0d909f07c3dcda9bffa3b8ccb54482614ab06
- SHA512
  
  a773e6326dbbee1d37a1279ad0a5d12aee8259023378cbde18879ca66cc83acf20cfccd389ecdbe005793560a6f0ea8d8a05dda2dc32b03de8923c5c6060100d
- SSDEEP
  
  3072:o/25jvDSgsqsb5Uh28vAbTV1WW69B9VjMdxPedN9ug0z9TBfFSFMHM:Dtzsb5Uh28+V1WW69B9VjMdxPedN9ug5
Score

8^/10

discovery execution
- Blocklisted process makes network request
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexecution

behavioral2

discoveryexecution