64f06fb308b7e8916b20fbf6d5b2db4e19b9c75f6df6f95ee2d51237b64bdfb7 | Triage

Sharing

General

Target

4bbd48965f887e5cbe06d4e7272a1226_JaffaCakes118
Size

57KB
Sample

240715-2qmn4atakl
MD5

4bbd48965f887e5cbe06d4e7272a1226
SHA1

b82f49e4feca062514df060019e36d5f2a8533b8
SHA256

64f06fb308b7e8916b20fbf6d5b2db4e19b9c75f6df6f95ee2d51237b64bdfb7
SHA512

1652c9562c508eebb3b499b60f6dda910c8dfab2c64c0fb08db4e570bc2acfecd7e47d823100edaca5540110c5cea4d087dfce2eebceedcb3297b58188e117a0
SSDEEP

1536:w0tSOpJ0pCz93H6U7FnToIfd/xilOjSJ0XUm:Llpz93aU7tTBfd/xilOjS8Um

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  4bbd48965f887e5cbe06d4e7272a1226_JaffaCakes118
- Size
  
  57KB
- MD5
  
  4bbd48965f887e5cbe06d4e7272a1226
- SHA1
  
  b82f49e4feca062514df060019e36d5f2a8533b8
- SHA256
  
  64f06fb308b7e8916b20fbf6d5b2db4e19b9c75f6df6f95ee2d51237b64bdfb7
- SHA512
  
  1652c9562c508eebb3b499b60f6dda910c8dfab2c64c0fb08db4e570bc2acfecd7e47d823100edaca5540110c5cea4d087dfce2eebceedcb3297b58188e117a0
- SSDEEP
  
  1536:w0tSOpJ0pCz93H6U7FnToIfd/xilOjSJ0XUm:Llpz93aU7tTBfd/xilOjS8Um
Score

8^/10

persistence
- Server Software Component: Terminal Services DLL
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2