64af6548a72df55c0b14f5ca2d1c66c7d91f035c0879575c0c0cf4a0748e5422 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

43c5c03dd014a06fa40720d14330da66_JaffaCakes118
Size

60KB
Sample

240714-akmy5a1glj
MD5

43c5c03dd014a06fa40720d14330da66
SHA1

6ddcda748dea55958dcd971250d15b5ea179c398
SHA256

64af6548a72df55c0b14f5ca2d1c66c7d91f035c0879575c0c0cf4a0748e5422
SHA512

420321ed952aac2a2ef56f4f150749c1d21d8ce9b71c75462936e63916b38e02c174d7da81b8e3f06f9221f2c0d585ba5dcaefacd1e3fb560334d79c54c7670e
SSDEEP

1536:+wuRvdoS4G8sr0oXgrbc56+11pqljHP9VijXsktnH9:tLI8sVg461HGQktH9

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  43c5c03dd014a06fa40720d14330da66_JaffaCakes118
- Size
  
  60KB
- MD5
  
  43c5c03dd014a06fa40720d14330da66
- SHA1
  
  6ddcda748dea55958dcd971250d15b5ea179c398
- SHA256
  
  64af6548a72df55c0b14f5ca2d1c66c7d91f035c0879575c0c0cf4a0748e5422
- SHA512
  
  420321ed952aac2a2ef56f4f150749c1d21d8ce9b71c75462936e63916b38e02c174d7da81b8e3f06f9221f2c0d585ba5dcaefacd1e3fb560334d79c54c7670e
- SSDEEP
  
  1536:+wuRvdoS4G8sr0oXgrbc56+11pqljHP9VijXsktnH9:tLI8sVg461HGQktH9
Score

8^/10

persistence
- Server Software Component: Terminal Services DLL
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2