08e81fcd721ac589ddfb0987db95783800893629fa5048a7fc3a160c836b8e00 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

43a768e13077c24f0de9fe4cb899dc47_JaffaCakes118
Size

66KB
Sample

240713-2qkjqszgmm
MD5

43a768e13077c24f0de9fe4cb899dc47
SHA1

45c8ad8bfca7e804c4c596cb7c36e6da6d8d6f48
SHA256

08e81fcd721ac589ddfb0987db95783800893629fa5048a7fc3a160c836b8e00
SHA512

0e5e4e95e3d8511ad7919067ecfb265957cdac445ed108544f4f69e1b7aeddf20d5a8266b13c502a5d275e5b89f5c1fb0b4fe51973368c283c2add584c295638
SSDEEP

1536:S1fQSOFNdsyHETXZ3sFKAuJsu5H1P7J/FnfT/fJ+wOrzpG:SbOFNylpAWsQRfT8wOrI

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  43a768e13077c24f0de9fe4cb899dc47_JaffaCakes118
- Size
  
  66KB
- MD5
  
  43a768e13077c24f0de9fe4cb899dc47
- SHA1
  
  45c8ad8bfca7e804c4c596cb7c36e6da6d8d6f48
- SHA256
  
  08e81fcd721ac589ddfb0987db95783800893629fa5048a7fc3a160c836b8e00
- SHA512
  
  0e5e4e95e3d8511ad7919067ecfb265957cdac445ed108544f4f69e1b7aeddf20d5a8266b13c502a5d275e5b89f5c1fb0b4fe51973368c283c2add584c295638
- SSDEEP
  
  1536:S1fQSOFNdsyHETXZ3sFKAuJsu5H1P7J/FnfT/fJ+wOrzpG:SbOFNylpAWsQRfT8wOrI
Score

8^/10

persistence
- Server Software Component: Terminal Services DLL
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2