aaf6f07755b3c96803c3f483e38114b8e62d79ba075630e10c78dcd48440ba83 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

37f098f8c06df51e4dbeb227acdf98d9_JaffaCakes118
Size

64KB
Sample

240711-gj7qgavapg
MD5

37f098f8c06df51e4dbeb227acdf98d9
SHA1

b60c9c0e627a9d391a908ee0c4f953d2bcaa78d1
SHA256

aaf6f07755b3c96803c3f483e38114b8e62d79ba075630e10c78dcd48440ba83
SHA512

18cf20b2f34d403d42e5b0a88dcf84064851128b92da08a0dcbc82b66852bfc38d478e31d2db6cd8a5c6236d486474f5f6280ef6895677d1fb3ef2c4833ada46
SSDEEP

1536:91oIgy/XyCSZmpIQis0P/rOyp98bOULYE5WehkcDtboQbjAP1wI8:/oLy/XVS8WQis0P/rOyI+KhhkcDO6

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  37f098f8c06df51e4dbeb227acdf98d9_JaffaCakes118
- Size
  
  64KB
- MD5
  
  37f098f8c06df51e4dbeb227acdf98d9
- SHA1
  
  b60c9c0e627a9d391a908ee0c4f953d2bcaa78d1
- SHA256
  
  aaf6f07755b3c96803c3f483e38114b8e62d79ba075630e10c78dcd48440ba83
- SHA512
  
  18cf20b2f34d403d42e5b0a88dcf84064851128b92da08a0dcbc82b66852bfc38d478e31d2db6cd8a5c6236d486474f5f6280ef6895677d1fb3ef2c4833ada46
- SSDEEP
  
  1536:91oIgy/XyCSZmpIQis0P/rOyp98bOULYE5WehkcDtboQbjAP1wI8:/oLy/XVS8WQis0P/rOyI+KhhkcDO6
Score

8^/10

persistence
- Server Software Component: Terminal Services DLL
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2