4b9c0e698be5581dfa8b82c2de222bb6aac4e5fcd9ab62182fa70cbe59a2c87d | Triage

Sharing

General

Target

36c352fa046d57d6bb5e9f23ec5ac188_JaffaCakes118
Size

61KB
Sample

240710-221p4aveln
MD5

36c352fa046d57d6bb5e9f23ec5ac188
SHA1

5f98252fb8b287b05cb4056b52a97562d193b151
SHA256

4b9c0e698be5581dfa8b82c2de222bb6aac4e5fcd9ab62182fa70cbe59a2c87d
SHA512

b00d465cd02181fe983d847c4638636ea84363466c4ad889731770d826a0928a325737d4e0a94b2b479a7f4cb68b87fa976c8300ed90c487dc827f7fe4b459dc
SSDEEP

768:DKm6+x8uWxclxwzZb001Kd1NELgsaUhi3gAjsJl62TSqbzoyCcAWz/3Qjc3XNJ9y:jqutwzJ1KbNEUOOgVFSqQjToNvy

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  36c352fa046d57d6bb5e9f23ec5ac188_JaffaCakes118
- Size
  
  61KB
- MD5
  
  36c352fa046d57d6bb5e9f23ec5ac188
- SHA1
  
  5f98252fb8b287b05cb4056b52a97562d193b151
- SHA256
  
  4b9c0e698be5581dfa8b82c2de222bb6aac4e5fcd9ab62182fa70cbe59a2c87d
- SHA512
  
  b00d465cd02181fe983d847c4638636ea84363466c4ad889731770d826a0928a325737d4e0a94b2b479a7f4cb68b87fa976c8300ed90c487dc827f7fe4b459dc
- SSDEEP
  
  768:DKm6+x8uWxclxwzZb001Kd1NELgsaUhi3gAjsJl62TSqbzoyCcAWz/3Qjc3XNJ9y:jqutwzJ1KbNEUOOgVFSqQjToNvy
Score

8^/10

persistence
- Server Software Component: Terminal Services DLL
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2