43a14528f65d64000b2760f3d2c73f815b8f8291569d1b975a86d7e083757c07 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ff36ab563a60a0827c41226101037d5_JaffaCakes118
Size

109KB
Sample

240625-3m4zmstbnl
MD5

0ff36ab563a60a0827c41226101037d5
SHA1

6760edd56a26ef07bdd78b0c133728b62dba6026
SHA256

43a14528f65d64000b2760f3d2c73f815b8f8291569d1b975a86d7e083757c07
SHA512

8d110d2a1dcc159e376dfbda9c33e559e2f505613264e47c44386e624fc64a1b863af942e086ffb2765d0957ba40a3d2ac2e0601d891a8dbff59a34a6f77c149
SSDEEP

3072:L/2Urq65Kmb+dB/GqXCS2ocPMFu5sJBf8PDu:LuUrq65JqSo2inJF8Lu

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  0ff36ab563a60a0827c41226101037d5_JaffaCakes118
- Size
  
  109KB
- MD5
  
  0ff36ab563a60a0827c41226101037d5
- SHA1
  
  6760edd56a26ef07bdd78b0c133728b62dba6026
- SHA256
  
  43a14528f65d64000b2760f3d2c73f815b8f8291569d1b975a86d7e083757c07
- SHA512
  
  8d110d2a1dcc159e376dfbda9c33e559e2f505613264e47c44386e624fc64a1b863af942e086ffb2765d0957ba40a3d2ac2e0601d891a8dbff59a34a6f77c149
- SSDEEP
  
  3072:L/2Urq65Kmb+dB/GqXCS2ocPMFu5sJBf8PDu:LuUrq65JqSo2inJF8Lu
Score

8^/10

persistence
- Server Software Component: Terminal Services DLL
  persistence
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2