65c18db020837a5a04bc79bb40c8b3c6ff83467e6dce99c7c5eac39ae9731290 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b8d2415abf41c762ce22a204efb2fa7_JaffaCakes118
Size

63KB
Sample

240708-jq5kss1hlc
MD5

2b8d2415abf41c762ce22a204efb2fa7
SHA1

ccf92a6437962d3f948724a7f4e601acf936e6cc
SHA256

65c18db020837a5a04bc79bb40c8b3c6ff83467e6dce99c7c5eac39ae9731290
SHA512

13894848bbec5316e60103f33984d7769426bd259d349c82a72911ec9190a10bdb18ab38f7953cfdacb0f0f3a27dfd9014d58c5e75db7cbb11ce9ca98a528e4d
SSDEEP

768:PdGvJuh51O/szqazvtUas2vBJxxJiJVEn/tdIWDHjdLI46YG2VIkmuTlNZjNzFF:PchqbzZtFpv8AdcsSAr

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  2b8d2415abf41c762ce22a204efb2fa7_JaffaCakes118
- Size
  
  63KB
- MD5
  
  2b8d2415abf41c762ce22a204efb2fa7
- SHA1
  
  ccf92a6437962d3f948724a7f4e601acf936e6cc
- SHA256
  
  65c18db020837a5a04bc79bb40c8b3c6ff83467e6dce99c7c5eac39ae9731290
- SHA512
  
  13894848bbec5316e60103f33984d7769426bd259d349c82a72911ec9190a10bdb18ab38f7953cfdacb0f0f3a27dfd9014d58c5e75db7cbb11ce9ca98a528e4d
- SSDEEP
  
  768:PdGvJuh51O/szqazvtUas2vBJxxJiJVEn/tdIWDHjdLI46YG2VIkmuTlNZjNzFF:PchqbzZtFpv8AdcsSAr
Score

8^/10

persistence
- Server Software Component: Terminal Services DLL
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2