09e5acd783762600b5356b5dcbb3f156931ba7c518e9de18ed748ca5b0c294e1 | Triage

Sharing

General

Target

18d5bd2f7e1152ebdd0329591f03fde9_JaffaCakes118
Size

148KB
Sample

240628-fg3s3avcrm
MD5

18d5bd2f7e1152ebdd0329591f03fde9
SHA1

12c1f858791a9998b44b538c4fdd8d84ead227e8
SHA256

09e5acd783762600b5356b5dcbb3f156931ba7c518e9de18ed748ca5b0c294e1
SHA512

98cf93428f1945a22855b04e3d38510609ba51eab2d76a7b3e990e3cbc2faa0d81269a258dd1642dae5e689e64ba31073068ba892b73f4c038f4bf122d3f12d2
SSDEEP

3072:dXkAWxVjantS/u6QjXsfjNoX3R1+bneGQJjkWhl5XRJ22:d0AWxVjI4/vfx4B+npyhl5x

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  18d5bd2f7e1152ebdd0329591f03fde9_JaffaCakes118
- Size
  
  148KB
- MD5
  
  18d5bd2f7e1152ebdd0329591f03fde9
- SHA1
  
  12c1f858791a9998b44b538c4fdd8d84ead227e8
- SHA256
  
  09e5acd783762600b5356b5dcbb3f156931ba7c518e9de18ed748ca5b0c294e1
- SHA512
  
  98cf93428f1945a22855b04e3d38510609ba51eab2d76a7b3e990e3cbc2faa0d81269a258dd1642dae5e689e64ba31073068ba892b73f4c038f4bf122d3f12d2
- SSDEEP
  
  3072:dXkAWxVjantS/u6QjXsfjNoX3R1+bneGQJjkWhl5XRJ22:d0AWxVjI4/vfx4B+npyhl5x
Score

8^/10

persistence
- Server Software Component: Terminal Services DLL
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2