b50f48dae2d38e8ebceaf67193264677e37263734a03632ac51c8e50f4bc06e3 | Triage

Sharing

General

Target

8495f179b7ef1be19104f81ecbcec94d_JaffaCakes118
Size

133KB
Sample

240810-dmxswsxcle
MD5

8495f179b7ef1be19104f81ecbcec94d
SHA1

7459fe5875a169e19b7d4d2fd3a17e3cfbcf8d5f
SHA256

b50f48dae2d38e8ebceaf67193264677e37263734a03632ac51c8e50f4bc06e3
SHA512

b5db7365e92c92d7cf314d260950b288aad6faa30576c9369d654059ed7b81e8a01d699a2c2560f2ffd6542b2c5fde45228502781991b2218685bb70cd57bbad
SSDEEP

3072:I0wpqFegLt9a46GT40hAzJLv2jW//0Myx9yFr:I0RFegLtjMA2FvCW//0Dxo

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  8495f179b7ef1be19104f81ecbcec94d_JaffaCakes118
- Size
  
  133KB
- MD5
  
  8495f179b7ef1be19104f81ecbcec94d
- SHA1
  
  7459fe5875a169e19b7d4d2fd3a17e3cfbcf8d5f
- SHA256
  
  b50f48dae2d38e8ebceaf67193264677e37263734a03632ac51c8e50f4bc06e3
- SHA512
  
  b5db7365e92c92d7cf314d260950b288aad6faa30576c9369d654059ed7b81e8a01d699a2c2560f2ffd6542b2c5fde45228502781991b2218685bb70cd57bbad
- SSDEEP
  
  3072:I0wpqFegLt9a46GT40hAzJLv2jW//0Myx9yFr:I0RFegLtjMA2FvCW//0Dxo
Score

8^/10

discovery persistence
- Server Software Component: Terminal Services DLL
  persistence
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence