543931717283b238be41e853d4131e1d513ddb49faf84b821eac49ef952be0d7 | Triage

Sharing

General

Target

48f6468f8d0b8a8fdb654e4558c5ae07_JaffaCakes118
Size

550KB
Sample

240715-j618bawhnp
MD5

48f6468f8d0b8a8fdb654e4558c5ae07
SHA1

4ae9a1242861bb3f622a8d0e2bb7e81d64d11fcc
SHA256

543931717283b238be41e853d4131e1d513ddb49faf84b821eac49ef952be0d7
SHA512

e32a453bea73e83b87288c79cc6bf5f8727cb957402471b499bd37536cca34ecaffe16bf97c299ea8d14b0507d9b72db7d66e603d4a14e977cb1e2e923f071f5
SSDEEP

6144:PZTZO9/vgsGreXyyU+Bkm9eDFgZcnednwfRHBSnRzmrN9dt/IqxPV3aO2cTB/Xn9:uJFtyyPBEmdnAGmJ9dFZBV3aO2cT90k

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  48f6468f8d0b8a8fdb654e4558c5ae07_JaffaCakes118
- Size
  
  550KB
- MD5
  
  48f6468f8d0b8a8fdb654e4558c5ae07
- SHA1
  
  4ae9a1242861bb3f622a8d0e2bb7e81d64d11fcc
- SHA256
  
  543931717283b238be41e853d4131e1d513ddb49faf84b821eac49ef952be0d7
- SHA512
  
  e32a453bea73e83b87288c79cc6bf5f8727cb957402471b499bd37536cca34ecaffe16bf97c299ea8d14b0507d9b72db7d66e603d4a14e977cb1e2e923f071f5
- SSDEEP
  
  6144:PZTZO9/vgsGreXyyU+Bkm9eDFgZcnednwfRHBSnRzmrN9dt/IqxPV3aO2cTB/Xn9:uJFtyyPBEmdnAGmJ9dFZBV3aO2cT90k
Score

8^/10

persistence
- Server Software Component: Terminal Services DLL
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2