dbc10182113f2409736789056f3bbf57a58da8c6dac84f0e97dc80d4cd99d948 | Triage

Sharing

General

Target

25c1c483e96a542aa65e44076e84f723_JaffaCakes118
Size

66KB
Sample

240704-wwvn1athjc
MD5

25c1c483e96a542aa65e44076e84f723
SHA1

92a7ecb9addfc7824ef487b8e78574f2a0bd800c
SHA256

dbc10182113f2409736789056f3bbf57a58da8c6dac84f0e97dc80d4cd99d948
SHA512

0679b6693a386d0cf16b7a8f8db72163f7cd9672b18bebe9123010a34259ba31fcf1c2e859d74a41f4894a4e31cb7583f11dde0d2d2991e12d207f98d9b4ec73
SSDEEP

1536:SOOs0IhW+HeDMM8QbPM9MR6waK/+6ndsQ3OaI:SOOsRhfHeDr8QbLaKW66wI

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  25c1c483e96a542aa65e44076e84f723_JaffaCakes118
- Size
  
  66KB
- MD5
  
  25c1c483e96a542aa65e44076e84f723
- SHA1
  
  92a7ecb9addfc7824ef487b8e78574f2a0bd800c
- SHA256
  
  dbc10182113f2409736789056f3bbf57a58da8c6dac84f0e97dc80d4cd99d948
- SHA512
  
  0679b6693a386d0cf16b7a8f8db72163f7cd9672b18bebe9123010a34259ba31fcf1c2e859d74a41f4894a4e31cb7583f11dde0d2d2991e12d207f98d9b4ec73
- SSDEEP
  
  1536:SOOs0IhW+HeDMM8QbPM9MR6waK/+6ndsQ3OaI:SOOsRhfHeDr8QbLaKW66wI
Score

8^/10

persistence
- Server Software Component: Terminal Services DLL
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2