8b3ae17386ae847357a22c80cc6c9799645a5a24af9f93178d360770248808af | Triage

Sharing

General

Target

1c8bda0e685c254113cd0cc2bdee1f0b_JaffaCakes118
Size

579KB
Sample

240701-z8xwnszhnd
MD5

1c8bda0e685c254113cd0cc2bdee1f0b
SHA1

dc5b5ad0eb6b14a138d62013b740a862680530d3
SHA256

8b3ae17386ae847357a22c80cc6c9799645a5a24af9f93178d360770248808af
SHA512

f3dc4fe3053fb927b4ec0dfaf50f59a1594d18fcc11cc766411aa8f4c7738b556efe448ac2ba47b0c547bea664a997747837216097c3597f916b691621dd5b61
SSDEEP

12288:HcL/XWgCYvGazyQodZ2ZuIFF3Z4mxxLI5YB2l0ag+G:HcL/XdHu12sIFQmXs5YAlfgt

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  1c8bda0e685c254113cd0cc2bdee1f0b_JaffaCakes118
- Size
  
  579KB
- MD5
  
  1c8bda0e685c254113cd0cc2bdee1f0b
- SHA1
  
  dc5b5ad0eb6b14a138d62013b740a862680530d3
- SHA256
  
  8b3ae17386ae847357a22c80cc6c9799645a5a24af9f93178d360770248808af
- SHA512
  
  f3dc4fe3053fb927b4ec0dfaf50f59a1594d18fcc11cc766411aa8f4c7738b556efe448ac2ba47b0c547bea664a997747837216097c3597f916b691621dd5b61
- SSDEEP
  
  12288:HcL/XWgCYvGazyQodZ2ZuIFF3Z4mxxLI5YB2l0ag+G:HcL/XdHu12sIFQmXs5YAlfgt
Score

8^/10

persistence
- Server Software Component: Terminal Services DLL
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2