6406c3ae90c47d1d401f61bf7ff42aa4b97f89a61a698a19ad8a324a140c5ee9 | Triage

Sharing

General

Target

2fab81c77a6e8d2d06bfdd3ccb40a9d3_JaffaCakes118
Size

558KB
Sample

240709-kh45qsvemj
MD5

2fab81c77a6e8d2d06bfdd3ccb40a9d3
SHA1

8748dd1fc5a541aa2d9a345b8478d03935b13ead
SHA256

6406c3ae90c47d1d401f61bf7ff42aa4b97f89a61a698a19ad8a324a140c5ee9
SHA512

b611ed543f93c782b30edb4d7cdff9ca3f380fa20cdc50162d9e4f4dbec8fb04f8026ab435cec2a56b71a626b1aa6c7ab562a140ab881e1b077beda86524c469
SSDEEP

12288:wQt+YuteVRVmUX83NYrqqU0dGQq3w0hTdgIz:w8IMRVrONSqqFGQNITdgw

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  2fab81c77a6e8d2d06bfdd3ccb40a9d3_JaffaCakes118
- Size
  
  558KB
- MD5
  
  2fab81c77a6e8d2d06bfdd3ccb40a9d3
- SHA1
  
  8748dd1fc5a541aa2d9a345b8478d03935b13ead
- SHA256
  
  6406c3ae90c47d1d401f61bf7ff42aa4b97f89a61a698a19ad8a324a140c5ee9
- SHA512
  
  b611ed543f93c782b30edb4d7cdff9ca3f380fa20cdc50162d9e4f4dbec8fb04f8026ab435cec2a56b71a626b1aa6c7ab562a140ab881e1b077beda86524c469
- SSDEEP
  
  12288:wQt+YuteVRVmUX83NYrqqU0dGQq3w0hTdgIz:w8IMRVrONSqqFGQNITdgw
Score

8^/10

persistence
- Server Software Component: Terminal Services DLL
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2