ca12969d9f3d561bbd293b4be403d5cece51502057d77543c07ee5c7a2c529d1 | Triage

Sharing

General

Target

640862354aae3af139b9a5e7f79c3a43_JaffaCakes118
Size

71KB
Sample

240722-vl71xaxgjh
MD5

640862354aae3af139b9a5e7f79c3a43
SHA1

b9e3a7f6a04714480e9677d78e22a801a405938b
SHA256

ca12969d9f3d561bbd293b4be403d5cece51502057d77543c07ee5c7a2c529d1
SHA512

fc3a8979465c3e7437dfbeadd477e4d0ca884a84c957a2b2bd2442adae37af928b6d1baebd212b4254a02b3849d140cc574341de8b7a50b6ef88533775e11e09
SSDEEP

1536:MJQleeZZ+b9mWIGpNhwqyoz3DakRC0Rug:2ueerq9xzhwXK3DJRC0R/

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  640862354aae3af139b9a5e7f79c3a43_JaffaCakes118
- Size
  
  71KB
- MD5
  
  640862354aae3af139b9a5e7f79c3a43
- SHA1
  
  b9e3a7f6a04714480e9677d78e22a801a405938b
- SHA256
  
  ca12969d9f3d561bbd293b4be403d5cece51502057d77543c07ee5c7a2c529d1
- SHA512
  
  fc3a8979465c3e7437dfbeadd477e4d0ca884a84c957a2b2bd2442adae37af928b6d1baebd212b4254a02b3849d140cc574341de8b7a50b6ef88533775e11e09
- SSDEEP
  
  1536:MJQleeZZ+b9mWIGpNhwqyoz3DakRC0Rug:2ueerq9xzhwXK3DJRC0R/
Score

8^/10

persistence
- Server Software Component: Terminal Services DLL
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2