4566557f5412991a56ebd8c600319e6f3494067b31b430174e40023fcc77621e | Triage

Sharing

General

Target

33a79a3c541765a99fd9dc4a2cd0fc04_JaffaCakes118
Size

68KB
Sample

240710-g88n3asapr
MD5

33a79a3c541765a99fd9dc4a2cd0fc04
SHA1

86157c4281c635084fe0a688e489d25d6c090efd
SHA256

4566557f5412991a56ebd8c600319e6f3494067b31b430174e40023fcc77621e
SHA512

2814686baa10602dc338ffa7bb478394bb81668576b28d6f8b9e5d399c23d257f25b19c9fe55ff1682afcd4e423538e6219c2721531a1a2b76811c603dd4eed5
SSDEEP

1536:+iq/vpaidX4iyaC0OtxX/T0LFYZCE8GsqWbZwb11mLVZo/UeyG:dq/vpvK/0kXbA2AE82WaRMJZneyG

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  qq.exe
- Size
  
  172KB
- MD5
  
  45388d14ba00ba14398d44489c3f5579
- SHA1
  
  4671e55a78cebf231fafa537e12b8fe563ae57a2
- SHA256
  
  3beb46ec52628033d938f889851e9a4c28f873fc77122f7277ad04256611f316
- SHA512
  
  91709f10a5eeb61da8f2ebf900ed7487078a80a737f28923a5fdac13d2f6af20703ff09fee14b2971fb64fe4e2d67b61e5a39870bfaf8dbdb5643a866e840c93
- SSDEEP
  
  3072:/dUWdtM90P6NF0SoFzv/Cuq5bodpTUNumPmDog4agAcwm:E90P6NeSoRyH58aHmEZaDcN
Score

8^/10

persistence
- Server Software Component: Terminal Services DLL
  persistence
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2