f53f42fa4de188bddb51e6c21a82825c672523cbe0b92ce4805d6a95063f5b8e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8c5b5030b19bcebb227dff3ba4f9149a_JaffaCakes118
Size

105KB
Sample

240811-26gg1stdjr
MD5

8c5b5030b19bcebb227dff3ba4f9149a
SHA1

7de26ec2c1dcf921a2d31d8dad8470fcebcb3a44
SHA256

f53f42fa4de188bddb51e6c21a82825c672523cbe0b92ce4805d6a95063f5b8e
SHA512

48b49803fa5cc18458a5fe13ed249d4635d33784ac3a81d3e370c50956ca348f1789bab859c11021fb8bc75b63981b12e66828d7acb591fd876ff6f5f6085309
SSDEEP

3072:DuFZxv1UD05HLtvFckRPqA5e8XC5sJxY/:DmZB1UD05BDx/e+LJxY/

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  8c5b5030b19bcebb227dff3ba4f9149a_JaffaCakes118
- Size
  
  105KB
- MD5
  
  8c5b5030b19bcebb227dff3ba4f9149a
- SHA1
  
  7de26ec2c1dcf921a2d31d8dad8470fcebcb3a44
- SHA256
  
  f53f42fa4de188bddb51e6c21a82825c672523cbe0b92ce4805d6a95063f5b8e
- SHA512
  
  48b49803fa5cc18458a5fe13ed249d4635d33784ac3a81d3e370c50956ca348f1789bab859c11021fb8bc75b63981b12e66828d7acb591fd876ff6f5f6085309
- SSDEEP
  
  3072:DuFZxv1UD05HLtvFckRPqA5e8XC5sJxY/:DmZB1UD05BDx/e+LJxY/
Score

8^/10

discovery persistence
- Server Software Component: Terminal Services DLL
  persistence
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence