f0697471f156523c83613af6a350963643afee640166b41fc5adce3edf579dd0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7672a55c0fca2b44f511dbc24fb3817f_JaffaCakes118
Size

89KB
Sample

240727-a9h2gawcql
MD5

7672a55c0fca2b44f511dbc24fb3817f
SHA1

08932b9a4e436bf4bdf49396a2a7cff5293b0f82
SHA256

f0697471f156523c83613af6a350963643afee640166b41fc5adce3edf579dd0
SHA512

d2d8f59c76c62e2ec2a2a658f5de2d7cc477b2aced673e6f267d49c0675c6f951cf8ac25ad33c03d63da29e221f955bbde0bb7b32c4bbadc8bcd655c5a57e41b
SSDEEP

1536:PDNy07nS9zCf9GNgxqan25UclWsbzXBmc8Kz7DtZ:BRrSwfMNnPCclWat8Y7DtZ

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  7672a55c0fca2b44f511dbc24fb3817f_JaffaCakes118
- Size
  
  89KB
- MD5
  
  7672a55c0fca2b44f511dbc24fb3817f
- SHA1
  
  08932b9a4e436bf4bdf49396a2a7cff5293b0f82
- SHA256
  
  f0697471f156523c83613af6a350963643afee640166b41fc5adce3edf579dd0
- SHA512
  
  d2d8f59c76c62e2ec2a2a658f5de2d7cc477b2aced673e6f267d49c0675c6f951cf8ac25ad33c03d63da29e221f955bbde0bb7b32c4bbadc8bcd655c5a57e41b
- SSDEEP
  
  1536:PDNy07nS9zCf9GNgxqan25UclWsbzXBmc8Kz7DtZ:BRrSwfMNnPCclWat8Y7DtZ
Score

8^/10

discovery persistence
- Server Software Component: Terminal Services DLL
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence