2dc30cc28fd2c3db4dfc1b53226b7619e0d760c37f2465b8f13d3665ed518e7e | Triage

Sharing

General

Target

b08b5e2d643f2452d18ca622051a67fa_JaffaCakes118
Size

105KB
Sample

240820-yanpnszbre
MD5

b08b5e2d643f2452d18ca622051a67fa
SHA1

0b195bd54fbc19461ac46dee016c4dd0cf478b0d
SHA256

2dc30cc28fd2c3db4dfc1b53226b7619e0d760c37f2465b8f13d3665ed518e7e
SHA512

aca4a92e58dd998bc3bb577187d3fe5ff0a703d46877b5395db4910db5e382a5b25f6c6286f72b6032c1446dd96a3d852e6b58e97f3c11a10b42a74309e87ba5
SSDEEP

3072:J/oxpFv1j6n1iWtBnnp5BnRp8/CpnsJxVb:JQxpl1j6n1nnjXpmmsJxVb

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  b08b5e2d643f2452d18ca622051a67fa_JaffaCakes118
- Size
  
  105KB
- MD5
  
  b08b5e2d643f2452d18ca622051a67fa
- SHA1
  
  0b195bd54fbc19461ac46dee016c4dd0cf478b0d
- SHA256
  
  2dc30cc28fd2c3db4dfc1b53226b7619e0d760c37f2465b8f13d3665ed518e7e
- SHA512
  
  aca4a92e58dd998bc3bb577187d3fe5ff0a703d46877b5395db4910db5e382a5b25f6c6286f72b6032c1446dd96a3d852e6b58e97f3c11a10b42a74309e87ba5
- SSDEEP
  
  3072:J/oxpFv1j6n1iWtBnnp5BnRp8/CpnsJxVb:JQxpl1j6n1nnjXpmmsJxVb
Score

8^/10

discovery persistence
- Server Software Component: Terminal Services DLL
  persistence
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence