065f3e527b8e8046efc92f372c60c9e9cc0feb5970e8a45a45e81f9828030d81 | Triage

Sharing

General

Target

JaffaCakes118_73e63c02a2be9b305e770a1cfb5166b8
Size

20.0MB
Sample

250314-lmzlgsxzh1
MD5

73e63c02a2be9b305e770a1cfb5166b8
SHA1

8c8184a83ba0dea1074f768d50d864c7bfd4797e
SHA256

065f3e527b8e8046efc92f372c60c9e9cc0feb5970e8a45a45e81f9828030d81
SHA512

07aaa9178b7ecc39d63970cb7139289d586806fc99b642802f71b4a84dd5a25086a0ec0411e9bc56697725a5633d63f23bdbdc248eabc91ddcd67439153fc0d9
SSDEEP

393216:Aq/+DzwwWgIz8dYfigOfoQ6Z70gjagAxH0xfiFzSlZ+ftB3obXtjkX:F/s9WfQYLOfV6V0wNunklwTYbXdkX

Score

8^/10

defense_evasion discovery execution javascript link macro pdf

Malware Config

Targets

- Target
  
  sample
- Size
  
  26.5MB
- MD5
  
  d5b764f2ddf85fe4a089af2f16209333
- SHA1
  
  964ec577bd3f5fc79069da22cf9d386c86e4b27c
- SHA256
  
  179dd7b87af25d7ef942078ac4addbdd76fc7090efaffb247a17042fc19304d3
- SHA512
  
  08ee13da3943890360c1ff8624aa122d3f14912bc9925022b50b2dffc02d6f6fda56220a797c0ac8282111ccc6b72f2721dd2bcc72bc03fa8c093a550f3b4fde
- SSDEEP
  
  393216:I0g7qgdd75sRNP+cOU6Xh4MVqt3qiDzhBICfVDbLAga3:IwgddlsRN2cOU8VGz7xVPLAg8
Score

1^/10
behavioral1 behavioral2
- Target
  
  001e2710555613a82e94156d3ed9c289
- Size
  
  262KB
- MD5
  
  001e2710555613a82e94156d3ed9c289
- SHA1
  
  3c59f69e0d6aeab9ee87fbf01d8e0b89f9191494
- SHA256
  
  c98ed6cae6b4f4394fac70faaac9e41ac4255a9660b4b20fdf6adb8a34572300
- SHA512
  
  246779ab35a8d0a29e83058a3e5b0667a597dea31d83f9882598f884395e597e878118ef776d6f5af02584f4fbdcae19ac505b7d220c557aa0d6df5bbb83864c
- SSDEEP
  
  6144:f5/xczovMsL7oJNQDpNdjTswrLSLmHGdB4qfofvcjaRL41:R/xcEJHON2Ts+LFsB4hvcjaRL8
Score

4^/10

discovery
behavioral3 behavioral4
- Target
  
  004e74d54dcf79c641d5cf8a615488a0
- Size
  
  115KB
- MD5
  
  004e74d54dcf79c641d5cf8a615488a0
- SHA1
  
  6413fbe0d90cb7f445f76dc8d1ccaacddd55df4a
- SHA256
  
  ba79bdf796b57696cc9f9f61ef00bb2c0fd21e2f2188a29a17dff00f9f0fad7f
- SHA512
  
  7b65d9d49dd27706948cd321cf873279cb0ef6e36d62f90095b9d7280b0f7bbee93827601e0ddabcf2850184483a43eabb71a02d71f4b48df6980c650fbfc0e6
- SSDEEP
  
  3072:bxb9EwZtg9daX+RVaMyvjCNUUAtkBrryl5Fi:FaDdusV/yv8/Y0rp
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  0106fb569e87e02fc88d496064abdf19
- Size
  
  22KB
- MD5
  
  0106fb569e87e02fc88d496064abdf19
- SHA1
  
  9757f9fa3ba28100b1f9b6859ccbd13ef6046bc0
- SHA256
  
  1aba2082bf8f5e6f5fe2ba4deaa2875b92b193999ddccce449cd0d3c61f8cf32
- SHA512
  
  664c07f087ef4d5bffeb00249ac19a106eef407ebef9f5db6c45c0bb72edea79bf177ea4fb24d80ea398388ea713879ef3586187ddeb12dcf95322b098b74ac6
- SSDEEP
  
  96:v4glMMITOloqaMsLKaIBJJmXxKgxNuvW+U8jYKJuI73ARbIjPxVAM/MsKjKcPoEm:PCPoLkumIPCI
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  02bfe34bea55e327cfdead9cff215f33
- Size
  
  155KB
- MD5
  
  02bfe34bea55e327cfdead9cff215f33
- SHA1
  
  ffbc01a9f1c4614ed88069c262014d0fadf1bf78
- SHA256
  
  0567f3a1d0b439731f0d559695c53aa79883bb26f28b25d1f3ceca33a819721e
- SHA512
  
  0cc560161609f0f6aebc585d25a45bc0a8c0e0504198bfcd0184e6891e8186761e998b2e10b19cdf4634044adc1f37fa5af77eb33a2a3a93b0ed923165aa6c65
- SSDEEP
  
  1536:XSRgaaC+Z6ZVZOpOmvrf2llGUk6loSGnSJMqxso+NQ08XQfLHW49d:1FcSOYmCSJMq+enJi
Score

4^/10

discovery
behavioral10 behavioral9
- Target
  
  030423da29e1e6f4a527518126de4aeb
- Size
  
  4.0MB
- MD5
  
  030423da29e1e6f4a527518126de4aeb
- SHA1
  
  d22766f362ec497f7851ea720a968a1cf6a69069
- SHA256
  
  952d452ee0773dd23a5a05150ad1f2917550a51ae1901084cf3ef461d3ef3826
- SHA512
  
  bbd793b025fc59a75c5749cc49ca758ed2f013d8124e14f050c15a6b984ada8f1ee6156d578d51925595acca17644e2a059c3a886d5fa141eabb48a609ac7b62
- SSDEEP
  
  98304:Nm1uGMHr4yHKTMgsEsqSwpw/tNqDsd6vXevtVafVkqvqh6QaTdA:YgXL4yHKRowpwMOa9kqc6QsA
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  03042cc3786dafdb941019488d4cad3e
- Size
  
  65KB
- MD5
  
  03042cc3786dafdb941019488d4cad3e
- SHA1
  
  489dfe1a49f5172ac4db9a2b953789cbd6a80c65
- SHA256
  
  8dbbcd21c0197c7d037b9dfb86fc05fe1e087420548197bb60140c7e91723c75
- SHA512
  
  7843dc1ff2d32c3df8ca7c93937cfad6d475792a08a7b6ca3b9865ac86f7ae9c2f6ab269a6d8b529d3bb1d3b80ec00f49afc6a7366954c524414cb7d45d689f6
- SSDEEP
  
  768:GwdmkEGda1t5OqNTNGQwFhIkc0bmeH9Dg2wQuheK0AIkLlM5NscYM8qqEUED281S:GhLLOmihLdKspVscYG/O85r+o49d
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  04095314d51057a13e21908de1266fc1
- Size
  
  4KB
- MD5
  
  04095314d51057a13e21908de1266fc1
- SHA1
  
  726c0fad4752a7cfe0461af85247139ab45e6eed
- SHA256
  
  fe7841c51cab5e7d2752d4331fbd037df93b1476179ccdb7d78e50741d239d87
- SHA512
  
  c1f3450d83407007d3c394d1193c22b355733945eafe078cee5c709028c63d5a79882b37be4183d60d213abd6d52e0753f581a2612bafdcdd3d033bdf538d220
- SSDEEP
  
  96:rDg51RORkrqkYrxwIyrqOhLo3oEiP7p4z84zFtczLKmMMf0El64fKscx8bh7ZMPs:f+1ROqrqkYrxwIkjLEK14z7rS2FMf05K
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  049675afd5c9505b9715872d499b9389
- Size
  
  1.3MB
- MD5
  
  049675afd5c9505b9715872d499b9389
- SHA1
  
  8c4b91d462ff045d0b04b432f7a81f7f21db60a5
- SHA256
  
  e71b5e81714cb09b1ecbe6e13aa6bc06a359b3366c396ac4cc753e17a194f6ba
- SHA512
  
  cdb0b63e5ab58eb03e22a222218da13745f5255faa3f6d6131a4d6088736197ee43f9d9904ee39ab4df504f3099d70c9541c5abb1dea2c5d4d6ffe54e1513056
- SSDEEP
  
  24576:0P8ZRbyHoJ8jJzc3zX8RslrE6PPmrRrvQKFG5BEIyUgUcnOe+uSA:0kZ1yIJoSMRsaEPm1GBryUgUcOe1
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  0733c4e2122cdfcfdd4699a3cbdc8b40
- Size
  
  518KB
- MD5
  
  0733c4e2122cdfcfdd4699a3cbdc8b40
- SHA1
  
  e4263586a2008c9138c5d3d134a115970a05a13f
- SHA256
  
  1cffccaf528a882f781fb179a32356bfb176d683059c89faf81d7a51687330e0
- SHA512
  
  7fe17c26eb47adfee2f6a3899107211c9b0ceab37f138d2cfcb72676c8decf817c7f42d23ca39377fb3c15dd1f2d0ac1e4a3db2c3175098b1ffae544ff136a4b
- SSDEEP
  
  12288:/jaRLgcHounz+4bLO0KrYgcAKlPl/dGJWyAevErUm6IkR3gzQakSn33BnHPYxLSh:/joLtHounz+4bLOBrYgcAKlPl/dGJWRD
Score

4^/10

discovery
behavioral19 behavioral20
- Target
  
  08da26158b76ca38e0ddb740aaf9b4ff
- Size
  
  26KB
- MD5
  
  08da26158b76ca38e0ddb740aaf9b4ff
- SHA1
  
  af10cc9b9bf348591c421afd11c6b62983930909
- SHA256
  
  1b7584c9222e1081fd4e7507d35348c991b86e662fc2fd0221f36dbe06c6bcec
- SHA512
  
  895d10e8f56cab0d0693917f844851721234ea9106c8c2f8ddb382fd4bfcdc6f1aff2331301cd255b18ba23b0638f467d5bce48b2ea70e8e809023199873a2eb
- SSDEEP
  
  192:7Q06af24rEG1VtCRXJgxW4O5ksTQUjfukHnqzpl+1Jp9urxetivT8/Cow3t7QGvU:7Np1A2WDhTQytKzoJp9urxetiIUa
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  0d711f2049a6004cffe447dab78cd7e5
- Size
  
  925KB
- MD5
  
  0d711f2049a6004cffe447dab78cd7e5
- SHA1
  
  c28fd9c35d97293b7e9b0eaf2032e83e23ca78a4
- SHA256
  
  2ac705860b71aed9b7528a62ed1042723f6f7b4c16fb0edf4cddcf09a709c9f7
- SHA512
  
  1bfbde72eceb1055cd2a077e74972d1490bf6cf79f2687494bd1ad12934ff6385b1cb729e43f8ab82bbf44082c972f0abb0eda78fec4611633376b87b0378593
- SSDEEP
  
  24576:qSbzGTjB0IxmSIKoOCeerokFN7hp96rPyT:qj1QONQok7h1
Score

7^/10

defense_evasion discovery
- Executes dropped EXE
- Loads dropped DLL
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
behavioral23 behavioral24
- Target
  
  0e0c3a177b898c523e8303940ae99077
- Size
  
  17KB
- MD5
  
  0e0c3a177b898c523e8303940ae99077
- SHA1
  
  69dff71adb542b9345feaff967e2a5c9541fb79c
- SHA256
  
  2d2151674934d1e2fe9b945415f9da622635757e88ed27a23c9afac73fd4fcea
- SHA512
  
  871e1119fb304598ab3d180bbce119f4c6b2aaea3cbea33335560f9cb74c69ad106a86b626d7a5f880086f1362cf83f30acf4a316456a4c42b88ec5ae9306da2
- SSDEEP
  
  384:a1rROqprYkKexyFy09x8oyly09x8oo5hly09x8of1o5nta:a2l9x8Rf9x89f9x8A1R
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  0f24780097467c4c54f8f306346dff37
- Size
  
  2KB
- MD5
  
  0f24780097467c4c54f8f306346dff37
- SHA1
  
  e79703bc71fad266a2c13c457b2c05112375bc35
- SHA256
  
  b4a95880394d20efe9cefcbcb323815bd871190ee5b0c21734452b62f8b6da6f
- SHA512
  
  348a8af2c9cd724287569440bd32bb72d23fc19e78a30b795a5c7243cee00eecba3217fb2717b051385dbeb501ba88f061b875d6efd4c05d7e04b7a96e4a3a4e
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  0f5d42aa99b17eabddc19a46013b517b
- Size
  
  151KB
- MD5
  
  0f5d42aa99b17eabddc19a46013b517b
- SHA1
  
  7f3def64dc5cdbd90b4917ae513ed39f159114bd
- SHA256
  
  34cb88a51729a7d54d6e575ae14e184b25ee581ee15bc60775251909d63bd477
- SHA512
  
  0141e8da93205395a63af10880522e9d1f85d934f5f1c69ec495f31abbe1b1e862e0d7844dfe501d6a8a2dec66246d8231ffde82dc49fa2cec16d73f3b6c691e
- SSDEEP
  
  3072:wTm4nwZgAqvBPoFmlYgsFIDJpi89qWt1ZJlYQ0ryqAkryXT:wH8gAqv6Fme/g880uZJSQ0ryqAkryXT
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  0fc9c4e1e2148912188dd913ff95149e
- Size
  
  4KB
- MD5
  
  0fc9c4e1e2148912188dd913ff95149e
- SHA1
  
  06de1964ed1bc0205856f7fff1bd0af91d7d63f6
- SHA256
  
  9c715b7368557613911e6e813d8a4e93c43e307b086bbfa0be4905a7910155d4
- SHA512
  
  518b9dcb7eb32112337c0175968d0d71d53ae80b4238cfa25705e97b96b01c7c7bb6b2ec28ed0ca6ac24a2705742b647ddea1adf87ff952d0e6d50e4ffb5b16d
- SSDEEP
  
  96:cIEjydIHAuTk4HpI0EKiQhte9pLIidmAuwSBHM1UNuteR6wGtW:NEj7AuA4a5KizTIi2BHMBeRPGtW
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

pdfjavascriptlinkmacro

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

defense_evasiondiscovery

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32