dd9ee0dcc1af9e162ff78f355ced50ea9b9f0dba96b2d4c0d175dd3fdc404c7d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

42a6d9a03fdf37d6bc1162fbdeff11fb_JaffaCakes118
Size

121KB
Sample

241014-rd8qpayeqb
MD5

42a6d9a03fdf37d6bc1162fbdeff11fb
SHA1

b84ff9464e1a8a3a7b853de6cae77c91365e5229
SHA256

dd9ee0dcc1af9e162ff78f355ced50ea9b9f0dba96b2d4c0d175dd3fdc404c7d
SHA512

a4253cb2b6c5534b639693f17327b01d656d19971d805426f52cdd8b40f6af9909661a45dcded0466628e9f65d6c90b0592e2de18676ce3ba45ddb32e68653b9
SSDEEP

3072:ap9nZw4dPqQo/hljdaNqciP6FS7LA4tLICXgfpEZ:arnXdyQo8qcYnA4tICipe

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  42a6d9a03fdf37d6bc1162fbdeff11fb_JaffaCakes118
- Size
  
  121KB
- MD5
  
  42a6d9a03fdf37d6bc1162fbdeff11fb
- SHA1
  
  b84ff9464e1a8a3a7b853de6cae77c91365e5229
- SHA256
  
  dd9ee0dcc1af9e162ff78f355ced50ea9b9f0dba96b2d4c0d175dd3fdc404c7d
- SHA512
  
  a4253cb2b6c5534b639693f17327b01d656d19971d805426f52cdd8b40f6af9909661a45dcded0466628e9f65d6c90b0592e2de18676ce3ba45ddb32e68653b9
- SSDEEP
  
  3072:ap9nZw4dPqQo/hljdaNqciP6FS7LA4tLICXgfpEZ:arnXdyQo8qcYnA4tICipe
Score

10^/10

discovery evasion
- Modifies security service
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion