6881d435742e7d177cde76e94dfc540a06acb89af16cbdc3b4c5ea79d19a6734 | Triage

Sharing

General

Target

384e87a270a8e46a19e00613e4b91f73_JaffaCakes118
Size

71KB
Sample

240711-jwbvnszakd
MD5

384e87a270a8e46a19e00613e4b91f73
SHA1

8fe64538c78254f40f1fded079a178aed4fe002c
SHA256

6881d435742e7d177cde76e94dfc540a06acb89af16cbdc3b4c5ea79d19a6734
SHA512

4e370e949c5de5d0e218dbcf5b050d46a3f88746b7160e7f86ea87460002d49b4e7543d40bde5c6185543ab50185e5f053a10cb7db82cb0bf4a219e8835fbdf2
SSDEEP

1536:YEY2adY0d6BoVWDXM0hf+li40MwIbDv2SidY:7YzP8Hzhf+wIbTtGY

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  384e87a270a8e46a19e00613e4b91f73_JaffaCakes118
- Size
  
  71KB
- MD5
  
  384e87a270a8e46a19e00613e4b91f73
- SHA1
  
  8fe64538c78254f40f1fded079a178aed4fe002c
- SHA256
  
  6881d435742e7d177cde76e94dfc540a06acb89af16cbdc3b4c5ea79d19a6734
- SHA512
  
  4e370e949c5de5d0e218dbcf5b050d46a3f88746b7160e7f86ea87460002d49b4e7543d40bde5c6185543ab50185e5f053a10cb7db82cb0bf4a219e8835fbdf2
- SSDEEP
  
  1536:YEY2adY0d6BoVWDXM0hf+li40MwIbDv2SidY:7YzP8Hzhf+wIbTtGY
Score

8^/10

persistence
- Server Software Component: Terminal Services DLL
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2