40433709bed7d1619aa7fc3056e2c8b816c3f04c9d2438ea58be5d247fe8b7b5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

197f5e419371f20976bc0bcf0f54e1d7_JaffaCakes118
Size

1.1MB
Sample

240628-knzr7stbqq
MD5

197f5e419371f20976bc0bcf0f54e1d7
SHA1

9761365d68ee1e095730121761fefa97ccc6ebfc
SHA256

40433709bed7d1619aa7fc3056e2c8b816c3f04c9d2438ea58be5d247fe8b7b5
SHA512

64668ea03cc2d009573874eb03de3d9d4e3802594a068c23df2178ed394e1577758c0c37cfb15d6b2f12921e7e92e7af6bee3d515bc49e60b1078d30e92bb258
SSDEEP

24576:SMpZ4OxwR1QcQq/W7ihb4bPWmBLXvPmVpTrdzjs00/:SuNZ7Ib8ZBL2/Xs

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  197f5e419371f20976bc0bcf0f54e1d7_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  197f5e419371f20976bc0bcf0f54e1d7
- SHA1
  
  9761365d68ee1e095730121761fefa97ccc6ebfc
- SHA256
  
  40433709bed7d1619aa7fc3056e2c8b816c3f04c9d2438ea58be5d247fe8b7b5
- SHA512
  
  64668ea03cc2d009573874eb03de3d9d4e3802594a068c23df2178ed394e1577758c0c37cfb15d6b2f12921e7e92e7af6bee3d515bc49e60b1078d30e92bb258
- SSDEEP
  
  24576:SMpZ4OxwR1QcQq/W7ihb4bPWmBLXvPmVpTrdzjs00/:SuNZ7Ib8ZBL2/Xs
Score

8^/10

persistence
- Server Software Component: Terminal Services DLL
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2