e06117b626da713e7cdb1f6ab31a6ae2ce88b58368254a18dd3cc556c9b2999d | Triage

Sharing

General

Target

5c790f10afc84cb98fd5601c36be7ed1_JaffaCakes118
Size

66KB
Sample

240719-sjhxwsxclp
MD5

5c790f10afc84cb98fd5601c36be7ed1
SHA1

af41a6a57ee8223b06bbad6c0ea330450e127b8e
SHA256

e06117b626da713e7cdb1f6ab31a6ae2ce88b58368254a18dd3cc556c9b2999d
SHA512

a4ba5a4a28faf4cb4493c9c410a131b72a9debb2d46f206a2ae7d76e4eb6c46d15a5d8b59ce1c021b55b678ebdda32615c7dd6d1fbe9ada242f542343f712705
SSDEEP

1536:FQPXEmAiRm2VfvmNFnToIf6HTRLar5ZONrWKym:i9Vfv6tTBfoTRLar5ZONrWKym

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  5c790f10afc84cb98fd5601c36be7ed1_JaffaCakes118
- Size
  
  66KB
- MD5
  
  5c790f10afc84cb98fd5601c36be7ed1
- SHA1
  
  af41a6a57ee8223b06bbad6c0ea330450e127b8e
- SHA256
  
  e06117b626da713e7cdb1f6ab31a6ae2ce88b58368254a18dd3cc556c9b2999d
- SHA512
  
  a4ba5a4a28faf4cb4493c9c410a131b72a9debb2d46f206a2ae7d76e4eb6c46d15a5d8b59ce1c021b55b678ebdda32615c7dd6d1fbe9ada242f542343f712705
- SSDEEP
  
  1536:FQPXEmAiRm2VfvmNFnToIf6HTRLar5ZONrWKym:i9Vfv6tTBfoTRLar5ZONrWKym
Score

8^/10

persistence
- Server Software Component: Terminal Services DLL
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2