f0daa65b176c60444b363f983933c5029665293f9a8bea707c4c8eee28c3427c | Triage

Sharing

General

Target

d4234a9476aaf05758edd6c0fddd963b_JaffaCakes118
Size

108KB
Sample

240908-mdxk7sshpf
MD5

d4234a9476aaf05758edd6c0fddd963b
SHA1

e3a8d750fdd0e4ca35990942f73b715602a744d2
SHA256

f0daa65b176c60444b363f983933c5029665293f9a8bea707c4c8eee28c3427c
SHA512

366f8f8bf4220316e792582e61a38f975f310c82a0eb589760498d6ffc07457357ae5167876209b496637ebbfe7a5e106d152df837342cfb49575c2c805a1e30
SSDEEP

1536:X3n59TIEURh4PU/oj5UxcoDTOc01nFqilT6BQQZjuWKEoq9YsSZxHpWp9i:ndURh4PUAdUxcoDynnH4uJEoq9YbpS

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  d4234a9476aaf05758edd6c0fddd963b_JaffaCakes118
- Size
  
  108KB
- MD5
  
  d4234a9476aaf05758edd6c0fddd963b
- SHA1
  
  e3a8d750fdd0e4ca35990942f73b715602a744d2
- SHA256
  
  f0daa65b176c60444b363f983933c5029665293f9a8bea707c4c8eee28c3427c
- SHA512
  
  366f8f8bf4220316e792582e61a38f975f310c82a0eb589760498d6ffc07457357ae5167876209b496637ebbfe7a5e106d152df837342cfb49575c2c805a1e30
- SSDEEP
  
  1536:X3n59TIEURh4PU/oj5UxcoDTOc01nFqilT6BQQZjuWKEoq9YsSZxHpWp9i:ndURh4PUAdUxcoDynnH4uJEoq9YbpS
Score

8^/10

discovery persistence
- Server Software Component: Terminal Services DLL
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence