96dd4a46cc5c5957a770afe65105e03b0300e92996a0e21d87fd41160fad987c | Triage

Sharing

General

Target

791eaa460303325bda84d117b68f1a77_JaffaCakes118
Size

626KB
Sample

240727-wzszkssenj
MD5

791eaa460303325bda84d117b68f1a77
SHA1

882a5eb8e9d4363b932f4e963c172932e6767575
SHA256

96dd4a46cc5c5957a770afe65105e03b0300e92996a0e21d87fd41160fad987c
SHA512

e6b16aea3e5eac1706827fc7ba8b073217562eb36ce2dd2a4fb2cd77c9b988e8c305ee7f85b4cc7e4f7c798cb38d31e89f7dd66e68817be92b8cdf0a5f407095
SSDEEP

12288:B8TYYvncgVhfc8oZSrGDmkX3CbiBNwRlRDfuqnqgB5esShK:bYnFoZSrGKkX3CbwERKqnPA1hK

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  791eaa460303325bda84d117b68f1a77_JaffaCakes118
- Size
  
  626KB
- MD5
  
  791eaa460303325bda84d117b68f1a77
- SHA1
  
  882a5eb8e9d4363b932f4e963c172932e6767575
- SHA256
  
  96dd4a46cc5c5957a770afe65105e03b0300e92996a0e21d87fd41160fad987c
- SHA512
  
  e6b16aea3e5eac1706827fc7ba8b073217562eb36ce2dd2a4fb2cd77c9b988e8c305ee7f85b4cc7e4f7c798cb38d31e89f7dd66e68817be92b8cdf0a5f407095
- SSDEEP
  
  12288:B8TYYvncgVhfc8oZSrGDmkX3CbiBNwRlRDfuqnqgB5esShK:bYnFoZSrGKkX3CbwERKqnPA1hK
Score

8^/10

discovery persistence
- Server Software Component: Terminal Services DLL
  persistence
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence