66556aa86fdbea0623dde98f1aaee0203dccd640a4afb9c22df17b6d440bd086 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2eda8f84a8ea296112fba067741ec439_JaffaCakes118
Size

72KB
Sample

240709-d4wl6atgrj
MD5

2eda8f84a8ea296112fba067741ec439
SHA1

43c507c14f914f3c9bfa821863a10af8893dcb0f
SHA256

66556aa86fdbea0623dde98f1aaee0203dccd640a4afb9c22df17b6d440bd086
SHA512

d60b5c2011339f648e6b3439f26d12319011c34ad261618d51f22be7c44879cd14f6021f10448e721ce014bacae4a48087afd92de588c67fe24c734c6970f7d2
SSDEEP

1536:Z5NpiWSe+X0vh4zKBwUT8fELmsrgvJT2OFBsU9q6gbDcqTxW3ttIn5ozBQDA:XrqeU0vTwUTh6skxCmP7gu3ttI5cV

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  2eda8f84a8ea296112fba067741ec439_JaffaCakes118
- Size
  
  72KB
- MD5
  
  2eda8f84a8ea296112fba067741ec439
- SHA1
  
  43c507c14f914f3c9bfa821863a10af8893dcb0f
- SHA256
  
  66556aa86fdbea0623dde98f1aaee0203dccd640a4afb9c22df17b6d440bd086
- SHA512
  
  d60b5c2011339f648e6b3439f26d12319011c34ad261618d51f22be7c44879cd14f6021f10448e721ce014bacae4a48087afd92de588c67fe24c734c6970f7d2
- SSDEEP
  
  1536:Z5NpiWSe+X0vh4zKBwUT8fELmsrgvJT2OFBsU9q6gbDcqTxW3ttIn5ozBQDA:XrqeU0vTwUTh6skxCmP7gu3ttI5cV
Score

8^/10

persistence
- Server Software Component: Terminal Services DLL
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2