Overview

overview

8

Static

static

3

261f0e47cf...18.exe

windows7-x64

8

261f0e47cf...18.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    261f0e47cf8788878217a3ff6096898f_JaffaCakes118

  • Size

    86KB

  • Sample

    240704-y16m6syhrc

  • MD5

    261f0e47cf8788878217a3ff6096898f

  • SHA1

    3fbba0ec00a855cfe3bf2b0e8715bc04ec48aa37

  • SHA256

    fa7fbbc951c6e9b6ee6d7d33a863b3e7527bea0290dac1389754fcab3f345fda

  • SHA512

    f87408ec1421c7b1bead128a4d37892ffcfb1af1c3d5b58d83268feba3969d6be686ade093aca1a71184f3dfb7a3dc4642010ed5fa06ff59d5b882ef5b626b31

  • SSDEEP

    1536:XPrfI0+z825wgoL/7SsGInCqeVT86yZsEPUYosnnsDwOFR:LI0z2ego/SsG+A9yZsEHnssuR

Score
8/10
aspackv2persistence

Malware Config

Targets

    • Target

      261f0e47cf8788878217a3ff6096898f_JaffaCakes118

    • Size

      86KB

    • MD5

      261f0e47cf8788878217a3ff6096898f

    • SHA1

      3fbba0ec00a855cfe3bf2b0e8715bc04ec48aa37

    • SHA256

      fa7fbbc951c6e9b6ee6d7d33a863b3e7527bea0290dac1389754fcab3f345fda

    • SHA512

      f87408ec1421c7b1bead128a4d37892ffcfb1af1c3d5b58d83268feba3969d6be686ade093aca1a71184f3dfb7a3dc4642010ed5fa06ff59d5b882ef5b626b31

    • SSDEEP

      1536:XPrfI0+z825wgoL/7SsGInCqeVT86yZsEPUYosnnsDwOFR:LI0z2ego/SsG+A9yZsEHnssuR

    Score
    8/10
    aspackv2persistence

    • Server Software Component: Terminal Services DLL

      persistence

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

      aspackv2

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Server Software Component

1
T1505

Terminal Services DLL

1
T1505.005

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks