197f677e8476ef115fe97fd02c9e8ab08ba9e1415cc44b38608ceea1beca0049 | Triage

Sharing

General

Target

2e931416d18aaff7e785897a73cc30fb_JaffaCakes118
Size

1.1MB
Sample

240709-b6b97asdpa
MD5

2e931416d18aaff7e785897a73cc30fb
SHA1

ba17f223aa0d31c4fee60f63eca1711bd9dd7b6d
SHA256

197f677e8476ef115fe97fd02c9e8ab08ba9e1415cc44b38608ceea1beca0049
SHA512

e722a90674539a1467d03e2b94639a432fb8e2da59ec6d96dca2f75ab20fd5f3c003610ee5b551b5032edb518682affd7d77ea71fc3df43e45481720fdb6a528
SSDEEP

24576:SMpZ4OxwR1QcQq/W7ihb4bPWmBLXvPmVpTrdzjs00T:SuNZ7Ib8ZBL2/X8

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  2e931416d18aaff7e785897a73cc30fb_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  2e931416d18aaff7e785897a73cc30fb
- SHA1
  
  ba17f223aa0d31c4fee60f63eca1711bd9dd7b6d
- SHA256
  
  197f677e8476ef115fe97fd02c9e8ab08ba9e1415cc44b38608ceea1beca0049
- SHA512
  
  e722a90674539a1467d03e2b94639a432fb8e2da59ec6d96dca2f75ab20fd5f3c003610ee5b551b5032edb518682affd7d77ea71fc3df43e45481720fdb6a528
- SSDEEP
  
  24576:SMpZ4OxwR1QcQq/W7ihb4bPWmBLXvPmVpTrdzjs00T:SuNZ7Ib8ZBL2/X8
Score

8^/10

persistence
- Server Software Component: Terminal Services DLL
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2