169afdea70d6efac4db5527c5d8ce0a7b0f13625a3ee76b6ef5ed91cb2a53f23 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

425f72158bda718b26ed42540cb95940_JaffaCakes118
Size

108KB
Sample

240713-tfayjszarh
MD5

425f72158bda718b26ed42540cb95940
SHA1

370a373abaedcbb2c15356fa03c702f9cb73816d
SHA256

169afdea70d6efac4db5527c5d8ce0a7b0f13625a3ee76b6ef5ed91cb2a53f23
SHA512

6b356710937e267d7ca19c98478ff773b41fab54e391ed5f4f35d401a938e7c0f063c27c93de40dff3681fc92b6147b2e1d770d0c289fd8cd91a5a4fa82a336f
SSDEEP

3072:2O7cGpEZWfDE2rJTtbo41/SAdonsJxEX8aBk:2O7JpEZW/rjB1qqjJxEXy

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  425f72158bda718b26ed42540cb95940_JaffaCakes118
- Size
  
  108KB
- MD5
  
  425f72158bda718b26ed42540cb95940
- SHA1
  
  370a373abaedcbb2c15356fa03c702f9cb73816d
- SHA256
  
  169afdea70d6efac4db5527c5d8ce0a7b0f13625a3ee76b6ef5ed91cb2a53f23
- SHA512
  
  6b356710937e267d7ca19c98478ff773b41fab54e391ed5f4f35d401a938e7c0f063c27c93de40dff3681fc92b6147b2e1d770d0c289fd8cd91a5a4fa82a336f
- SSDEEP
  
  3072:2O7cGpEZWfDE2rJTtbo41/SAdonsJxEX8aBk:2O7JpEZW/rjB1qqjJxEXy
Score

8^/10

persistence
- Server Software Component: Terminal Services DLL
  persistence
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2