General
Target: 5f3143c9005305cc8d6948378c0a0e79_JaffaCakes118
Size: 338KB
Sample: 240720-f5xxqayaqp
MD5: 5f3143c9005305cc8d6948378c0a0e79
SHA1: 5c4048f06f6a79d0d7ae0d2f6da55e7b168dfd49
SHA256: 0c026dd1e317615a52a0f15b0834d91925bb976585f9e3bac5c96b0f41c1643e
SHA512: f490010ddd45db028163c9c477fee0dc4872b75e816becd4929c0e602ef0d6885b984cbfa03401ab65ad20debf3e3326e6e18ace36415b75e303d3054d865073
SSDEEP: 6144:LiiUInLV5aQNbwXOH4MF2EigFTosv8lpRuFL3kM+:LinHYke3cEigFko8lWOb
Static task: static1
Behavioral task: behavioral1
  Sample: 5f3143c9005305cc8d6948378c0a0e79_JaffaCakes118.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 5f3143c9005305cc8d6948378c0a0e79_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
Malware Config
Targets
- Creates new service(s)
- Modifies Windows Firewall
- Server Software Component: Terminal Services DLL
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
MITRE ATT&CK Enterprise v15
Execution
  Command and Scripting Interpreter: 1
  System Services: 1
    Service Execution: 1
Persistence
  Create or Modify System Process: 2
    Windows Service: 2
  Event Triggered Execution: 1
    Netsh Helper DLL: 1
  Server Software Component: 1
    Terminal Services DLL: 1
Privilege Escalation
  Create or Modify System Process: 2
    Windows Service: 2
  Event Triggered Execution: 1
    Netsh Helper DLL: 1