e3b69a995b4524211637ed5fe57b0df0696e7f43d4f78d35cb1998cb93525f03 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5b01c41c358a6c1d68ab84b6444ad016_JaffaCakes118
Size

590KB
Sample

240719-jfvmvasglc
MD5

5b01c41c358a6c1d68ab84b6444ad016
SHA1

f02a0d0536727688ccce9c55f5fca2a6aa23001f
SHA256

e3b69a995b4524211637ed5fe57b0df0696e7f43d4f78d35cb1998cb93525f03
SHA512

2f7c4e04d6fd1cc652932373fd70221270c1dfc16f5ba062da59815bcbc1688d3e35c5f5d91cbaddf4250f8c2ceb9cc68e14ce3a6290a7c8e250b39fa42c37ca
SSDEEP

12288:7TH1o/j5RoRjs0FjUuF3Z4mxx4DqVTVOCtV:fO52RjFZQmXfVTztV

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  5b01c41c358a6c1d68ab84b6444ad016_JaffaCakes118
- Size
  
  590KB
- MD5
  
  5b01c41c358a6c1d68ab84b6444ad016
- SHA1
  
  f02a0d0536727688ccce9c55f5fca2a6aa23001f
- SHA256
  
  e3b69a995b4524211637ed5fe57b0df0696e7f43d4f78d35cb1998cb93525f03
- SHA512
  
  2f7c4e04d6fd1cc652932373fd70221270c1dfc16f5ba062da59815bcbc1688d3e35c5f5d91cbaddf4250f8c2ceb9cc68e14ce3a6290a7c8e250b39fa42c37ca
- SSDEEP
  
  12288:7TH1o/j5RoRjs0FjUuF3Z4mxx4DqVTVOCtV:fO52RjFZQmXfVTztV
Score

8^/10

persistence
- Server Software Component: Terminal Services DLL
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2