0191cac2657e1a2c8f1669ce82d0a6fe8328cfa1aa66ac8f51f74def59c0c598 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3bd000284699c4342267bd473dd14e8e_JaffaCakes118
Size

36KB
Sample

240712-dv23kswfrn
MD5

3bd000284699c4342267bd473dd14e8e
SHA1

3380885f4fc4853d32482963fb77e5abb3b7095a
SHA256

0191cac2657e1a2c8f1669ce82d0a6fe8328cfa1aa66ac8f51f74def59c0c598
SHA512

097ca4d26786e61a026e3ab642fe8d7dfc19507dc4e122793c601caf51e0852c2060e8bda736ea810b5d605347b3629d2d5955279c15f250846573780be71bca
SSDEEP

384:PhfohK86pddylKqvv3d7yz4TaAXUOaKeGTEOtNWieTWZvz:Z0KFOlKqv1Sw7XUOa0ERy

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  3bd000284699c4342267bd473dd14e8e_JaffaCakes118
- Size
  
  36KB
- MD5
  
  3bd000284699c4342267bd473dd14e8e
- SHA1
  
  3380885f4fc4853d32482963fb77e5abb3b7095a
- SHA256
  
  0191cac2657e1a2c8f1669ce82d0a6fe8328cfa1aa66ac8f51f74def59c0c598
- SHA512
  
  097ca4d26786e61a026e3ab642fe8d7dfc19507dc4e122793c601caf51e0852c2060e8bda736ea810b5d605347b3629d2d5955279c15f250846573780be71bca
- SSDEEP
  
  384:PhfohK86pddylKqvv3d7yz4TaAXUOaKeGTEOtNWieTWZvz:Z0KFOlKqv1Sw7XUOa0ERy
Score

8^/10

persistence
- Server Software Component: Terminal Services DLL
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2