d7bfb349b668c4ddb15b75b6f1d24c029c87bcd76538fd6080349a8d73c80134 | Triage

Sharing

General

Target

4730287a3d51e2a4da07c41338ca9898_JaffaCakes118
Size

852KB
Sample

240714-26ba1ayhlh
MD5

4730287a3d51e2a4da07c41338ca9898
SHA1

0c1fcb7430fafa0fe5eb8024e9d71559133c9746
SHA256

d7bfb349b668c4ddb15b75b6f1d24c029c87bcd76538fd6080349a8d73c80134
SHA512

0c45222f83c4c8910477ec322d72dd3fff12c0c555cafc0f8c100fd400e3bd8c35cb5f5170e57836de403286ce50b693fda56c4b078635977318f3ae9bcdd997
SSDEEP

12288:JUIt/dPJ0HTwlYkxd7S6RiisSYQOGyKTWszZ4c4k4NXYuxz6lMXydL/iDsao:JUo/ywlY+O61sL2zTWO4c4k4NXhKX2

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  4730287a3d51e2a4da07c41338ca9898_JaffaCakes118
- Size
  
  852KB
- MD5
  
  4730287a3d51e2a4da07c41338ca9898
- SHA1
  
  0c1fcb7430fafa0fe5eb8024e9d71559133c9746
- SHA256
  
  d7bfb349b668c4ddb15b75b6f1d24c029c87bcd76538fd6080349a8d73c80134
- SHA512
  
  0c45222f83c4c8910477ec322d72dd3fff12c0c555cafc0f8c100fd400e3bd8c35cb5f5170e57836de403286ce50b693fda56c4b078635977318f3ae9bcdd997
- SSDEEP
  
  12288:JUIt/dPJ0HTwlYkxd7S6RiisSYQOGyKTWszZ4c4k4NXYuxz6lMXydL/iDsao:JUo/ywlY+O61sL2zTWO4c4k4NXhKX2
Score

8^/10

persistence
- Drops file in Drivers directory
- Server Software Component: Terminal Services DLL
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2