48cf9ad53f3edcef0865395a5084e9dea921ec488e55210a9b20ddf69d9cf35f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

35c200159701fae2b760a5923d814963_JaffaCakes118
Size

62KB
Sample

240710-wd45qatejf
MD5

35c200159701fae2b760a5923d814963
SHA1

f5ace530462083b94606316fef8eac1e62273c7f
SHA256

48cf9ad53f3edcef0865395a5084e9dea921ec488e55210a9b20ddf69d9cf35f
SHA512

ef652c1520352bc4b94a9764e5209d6fc317339412619a383532ab7a2518e319e464abf61fa74e22a29b55334ee71df4e99349e98f2bfe7e21ed77da24786c4a
SSDEEP

1536:iLbkNaGAwxPqE8tNReuOnbzkFvAyfbxxStwQi48ANp1:ivkLdxPqEMI0FoyfbxxStwQiyNP

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  35c200159701fae2b760a5923d814963_JaffaCakes118
- Size
  
  62KB
- MD5
  
  35c200159701fae2b760a5923d814963
- SHA1
  
  f5ace530462083b94606316fef8eac1e62273c7f
- SHA256
  
  48cf9ad53f3edcef0865395a5084e9dea921ec488e55210a9b20ddf69d9cf35f
- SHA512
  
  ef652c1520352bc4b94a9764e5209d6fc317339412619a383532ab7a2518e319e464abf61fa74e22a29b55334ee71df4e99349e98f2bfe7e21ed77da24786c4a
- SSDEEP
  
  1536:iLbkNaGAwxPqE8tNReuOnbzkFvAyfbxxStwQi48ANp1:ivkLdxPqEMI0FoyfbxxStwQiyNP
Score

8^/10

persistence
- Server Software Component: Terminal Services DLL
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2