d6d240a9ab606f0e82e4bc677be50808b20ffbdaa24f7b8150e24e2a72c4d748 | Triage

Sharing

General

Target

1aef19b6fcdd3b6a015df67dcafa364b_JaffaCakes118
Size

1.1MB
Sample

240701-mfn2vazamj
MD5

1aef19b6fcdd3b6a015df67dcafa364b
SHA1

9007207ef836abfff4e15c78e60587e1bc5cad94
SHA256

d6d240a9ab606f0e82e4bc677be50808b20ffbdaa24f7b8150e24e2a72c4d748
SHA512

7d5d6bc7db25feb9d779bb2005f486d239b1e8d93a24331315fbf7dce968f151a08909059d3f02d512d4226eaaec7744cfcaff8caf45f199f069a39ab6fd9ad9
SSDEEP

24576:SMpZ4OxwR1QcQq/W7ihb4bPWmBLXvPmVpTrdzjs007:SuNZ7Ib8ZBL2/XY

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  1aef19b6fcdd3b6a015df67dcafa364b_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  1aef19b6fcdd3b6a015df67dcafa364b
- SHA1
  
  9007207ef836abfff4e15c78e60587e1bc5cad94
- SHA256
  
  d6d240a9ab606f0e82e4bc677be50808b20ffbdaa24f7b8150e24e2a72c4d748
- SHA512
  
  7d5d6bc7db25feb9d779bb2005f486d239b1e8d93a24331315fbf7dce968f151a08909059d3f02d512d4226eaaec7744cfcaff8caf45f199f069a39ab6fd9ad9
- SSDEEP
  
  24576:SMpZ4OxwR1QcQq/W7ihb4bPWmBLXvPmVpTrdzjs007:SuNZ7Ib8ZBL2/XY
Score

8^/10

persistence
- Server Software Component: Terminal Services DLL
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2