95f9dfcb7d63a19bb6eeda8173d7b5f2f774b3ddcec256066f7d4b3d53a7a646 | Triage

Sharing

General

Target

67a1071be3ca63ff1f2cc0a21fbd7e5a_JaffaCakes118
Size

65KB
Sample

240723-pvgx7azenj
MD5

67a1071be3ca63ff1f2cc0a21fbd7e5a
SHA1

0a5c0cccf46783bb29ba2fd0dde6a91da3f0f9d7
SHA256

95f9dfcb7d63a19bb6eeda8173d7b5f2f774b3ddcec256066f7d4b3d53a7a646
SHA512

7a6277bd20a8cd612422a03ca75c27d4bfd0c89f990853bfd83fb7f78a7a2c7552804f6be7e9e46ce8791f05d30bba2dbfb1bff4b25412b2d193a6c0b30fcdfa
SSDEEP

1536:WCXA7iSdWcj+mtK/6ZNz1NIpENPoT3AvuK:lA7iSzrtE6ZNz1WpENPoT3i

Score

8^/10

aspackv2 persistence

Malware Config

Targets

- Target
  
  67a1071be3ca63ff1f2cc0a21fbd7e5a_JaffaCakes118
- Size
  
  65KB
- MD5
  
  67a1071be3ca63ff1f2cc0a21fbd7e5a
- SHA1
  
  0a5c0cccf46783bb29ba2fd0dde6a91da3f0f9d7
- SHA256
  
  95f9dfcb7d63a19bb6eeda8173d7b5f2f774b3ddcec256066f7d4b3d53a7a646
- SHA512
  
  7a6277bd20a8cd612422a03ca75c27d4bfd0c89f990853bfd83fb7f78a7a2c7552804f6be7e9e46ce8791f05d30bba2dbfb1bff4b25412b2d193a6c0b30fcdfa
- SSDEEP
  
  1536:WCXA7iSdWcj+mtK/6ZNz1NIpENPoT3AvuK:lA7iSzrtE6ZNz1WpENPoT3i
Score

8^/10

persistence
- Server Software Component: Terminal Services DLL
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2