5f0cce9a427b5a280b03f01e9e25880bcc5330bb726b2216198991caf2ff2d78 | Triage

Sharing

General

Target

2632dc21dd74908f7e02de47ae376050_JaffaCakes118
Size

550KB
Sample

240704-zvkdes1dlb
MD5

2632dc21dd74908f7e02de47ae376050
SHA1

4b78ac93b0db7be86110ba46160aa792f8ba72c5
SHA256

5f0cce9a427b5a280b03f01e9e25880bcc5330bb726b2216198991caf2ff2d78
SHA512

ef7b75864318d6d175b161f10616aab9c9f99faf9afaa2e8c6144a35cc99ad3533c7590be363b815ee1327715289bb92db26199ab6cbc3221d8ff11905e2b2e2
SSDEEP

12288:CYpJFtyyPBEmdnAGmJ9dFeIaCtPmg2cTFKUO:CO71EaXmFFHtPmTcTQh

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  2632dc21dd74908f7e02de47ae376050_JaffaCakes118
- Size
  
  550KB
- MD5
  
  2632dc21dd74908f7e02de47ae376050
- SHA1
  
  4b78ac93b0db7be86110ba46160aa792f8ba72c5
- SHA256
  
  5f0cce9a427b5a280b03f01e9e25880bcc5330bb726b2216198991caf2ff2d78
- SHA512
  
  ef7b75864318d6d175b161f10616aab9c9f99faf9afaa2e8c6144a35cc99ad3533c7590be363b815ee1327715289bb92db26199ab6cbc3221d8ff11905e2b2e2
- SSDEEP
  
  12288:CYpJFtyyPBEmdnAGmJ9dFeIaCtPmg2cTFKUO:CO71EaXmFFHtPmTcTQh
Score

8^/10

persistence
- Server Software Component: Terminal Services DLL
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2