853d03e3895aa203b5b698c5b037a71275453eb255f51639bbb20ebb7420d920 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

433c69a5974944f4ca607d743718e850_JaffaCakes118
Size

385KB
Sample

241014-vh5flszcpm
MD5

433c69a5974944f4ca607d743718e850
SHA1

aeb0bb6506e258c4027f62bb1184ecf406ea1957
SHA256

853d03e3895aa203b5b698c5b037a71275453eb255f51639bbb20ebb7420d920
SHA512

b0d69185abffbf85068175b1c964c8a054c8959f1aa98155aa1e6dadfbe0872fc3d2c4bca5b49549aa52f79a382c67e904d1d799908f43440e705298a6267b7f
SSDEEP

12288:bi/OjtaNPEfoZPnp3TuEkRAiVQpLRGwenERegrB:bi/OhaCap3cQpUHnEjB

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  433c69a5974944f4ca607d743718e850_JaffaCakes118
- Size
  
  385KB
- MD5
  
  433c69a5974944f4ca607d743718e850
- SHA1
  
  aeb0bb6506e258c4027f62bb1184ecf406ea1957
- SHA256
  
  853d03e3895aa203b5b698c5b037a71275453eb255f51639bbb20ebb7420d920
- SHA512
  
  b0d69185abffbf85068175b1c964c8a054c8959f1aa98155aa1e6dadfbe0872fc3d2c4bca5b49549aa52f79a382c67e904d1d799908f43440e705298a6267b7f
- SSDEEP
  
  12288:bi/OjtaNPEfoZPnp3TuEkRAiVQpLRGwenERegrB:bi/OhaCap3cQpUHnEjB
Score

7^/10

discovery
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2