1742d7de24ca43d2ef0d9a5e5919916e2ba83355544b3a07ddc966668a5f0682 | Triage

Sharing

General

Target

0cd95cdacb381167993c3ce219d9b327_JaffaCakes118
Size

57KB
Sample

240625-gdgl4ashrb
MD5

0cd95cdacb381167993c3ce219d9b327
SHA1

6421213ce79d479eb7228b2faafc83768115b49d
SHA256

1742d7de24ca43d2ef0d9a5e5919916e2ba83355544b3a07ddc966668a5f0682
SHA512

5f59a4ef1a27819f33014d1cc289b5c9e20db87bef1b097ccd7f7131957b0fc70a9a3a616dada1dc588ef5fbd8a49d8da6d8b83289c98e50221c3240ae0f8835
SSDEEP

1536:w0tSOpJ0pCz93H6U7FnToIfd/xilOjSJ0XUV:Llpz93aU7tTBfd/xilOjS8UV

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  0cd95cdacb381167993c3ce219d9b327_JaffaCakes118
- Size
  
  57KB
- MD5
  
  0cd95cdacb381167993c3ce219d9b327
- SHA1
  
  6421213ce79d479eb7228b2faafc83768115b49d
- SHA256
  
  1742d7de24ca43d2ef0d9a5e5919916e2ba83355544b3a07ddc966668a5f0682
- SHA512
  
  5f59a4ef1a27819f33014d1cc289b5c9e20db87bef1b097ccd7f7131957b0fc70a9a3a616dada1dc588ef5fbd8a49d8da6d8b83289c98e50221c3240ae0f8835
- SSDEEP
  
  1536:w0tSOpJ0pCz93H6U7FnToIfd/xilOjSJ0XUV:Llpz93aU7tTBfd/xilOjS8UV
Score

8^/10

persistence
- Server Software Component: Terminal Services DLL
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2