7ffe44bc483925d15f4ccf5a718391dce8f4815a467b5b9ecf90f69a1d8d36d0 | Triage

Sharing

General

Target

b35e3a44d16424923f4e2b3abb3fe3ed_JaffaCakes118
Size

65KB
Sample

240821-n41k8a1aqm
MD5

b35e3a44d16424923f4e2b3abb3fe3ed
SHA1

07fe07abf7b8f09f4aa45e5245292d5c56974b81
SHA256

7ffe44bc483925d15f4ccf5a718391dce8f4815a467b5b9ecf90f69a1d8d36d0
SHA512

b989e9607988a84eafb746b19f2b185e9661beddf4e2b8ddae2311719c9ab9ba1b390e831116db92a81f210fbf8f3d2daf70197ae2a4e26edf726882df9dc366
SSDEEP

768:52XJRuEB9wnjcZ+WiywgPTFT+pI9XSIybAOH3BXI/SfDXlcFb2sist50X5wwE3qD:4KDyLFn9irbxHFhXlQzibX5w93cD

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  b35e3a44d16424923f4e2b3abb3fe3ed_JaffaCakes118
- Size
  
  65KB
- MD5
  
  b35e3a44d16424923f4e2b3abb3fe3ed
- SHA1
  
  07fe07abf7b8f09f4aa45e5245292d5c56974b81
- SHA256
  
  7ffe44bc483925d15f4ccf5a718391dce8f4815a467b5b9ecf90f69a1d8d36d0
- SHA512
  
  b989e9607988a84eafb746b19f2b185e9661beddf4e2b8ddae2311719c9ab9ba1b390e831116db92a81f210fbf8f3d2daf70197ae2a4e26edf726882df9dc366
- SSDEEP
  
  768:52XJRuEB9wnjcZ+WiywgPTFT+pI9XSIybAOH3BXI/SfDXlcFb2sist50X5wwE3qD:4KDyLFn9irbxHFhXlQzibX5w93cD
Score

8^/10

discovery persistence
- Drops file in Drivers directory
- Server Software Component: Terminal Services DLL
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence