3e693b725c9e2ac7c0ffb034abf5841fe523a84c8015cdcbed635480617370d8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4197647790d6d2be41be9db06dfa84b2_JaffaCakes118
Size

106KB
Sample

240713-n9t1masbpg
MD5

4197647790d6d2be41be9db06dfa84b2
SHA1

992181ff24f4063e9b1d8b94ef4d03ccf3ceb31d
SHA256

3e693b725c9e2ac7c0ffb034abf5841fe523a84c8015cdcbed635480617370d8
SHA512

6f6e9f1f9950ec4015782eeca99af3aa09a2e02b9a03a6afc43db870423b3dcd009418c25d5c7d76475384567fcd9d53bb4e5af82a982c2d6c13066a110e9f3d
SSDEEP

1536:T0OtxariAp2+1duQbZk8QOJM0btaSDVy+jhgMkTrAthENge7v2VWp:RxWp2ismZk1QNtZDVthFkeg7eQp

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  4197647790d6d2be41be9db06dfa84b2_JaffaCakes118
- Size
  
  106KB
- MD5
  
  4197647790d6d2be41be9db06dfa84b2
- SHA1
  
  992181ff24f4063e9b1d8b94ef4d03ccf3ceb31d
- SHA256
  
  3e693b725c9e2ac7c0ffb034abf5841fe523a84c8015cdcbed635480617370d8
- SHA512
  
  6f6e9f1f9950ec4015782eeca99af3aa09a2e02b9a03a6afc43db870423b3dcd009418c25d5c7d76475384567fcd9d53bb4e5af82a982c2d6c13066a110e9f3d
- SSDEEP
  
  1536:T0OtxariAp2+1duQbZk8QOJM0btaSDVy+jhgMkTrAthENge7v2VWp:RxWp2ismZk1QNtZDVthFkeg7eQp
Score

8^/10

persistence
- Server Software Component: Terminal Services DLL
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2