7a4f9301569cc0e5bee11cbe06c430995f19a08cff707035e23f5e2bc49e41d5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5ba7a5d6ecc2d1ce1fd8e8d08f431850_JaffaCakes118
Size

1.1MB
Sample

240719-m4bres1cqg
MD5

5ba7a5d6ecc2d1ce1fd8e8d08f431850
SHA1

58852a12f81ba6b6e4275770d21e1f5fdbe790a9
SHA256

7a4f9301569cc0e5bee11cbe06c430995f19a08cff707035e23f5e2bc49e41d5
SHA512

ae259e26583399bb6da589a9f19787d5d819695d60fbae543cdb8f398417e44467b1c926d9aca74a363955c357ffe2cf64bd1fcb92c0e7a87653d43045013350
SSDEEP

24576:SMpZ4OxwR1QcQq/W7ihb4bPWmBLXvPmVpTrdzjs00t:SuNZ7Ib8ZBL2/Xy

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  5ba7a5d6ecc2d1ce1fd8e8d08f431850_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  5ba7a5d6ecc2d1ce1fd8e8d08f431850
- SHA1
  
  58852a12f81ba6b6e4275770d21e1f5fdbe790a9
- SHA256
  
  7a4f9301569cc0e5bee11cbe06c430995f19a08cff707035e23f5e2bc49e41d5
- SHA512
  
  ae259e26583399bb6da589a9f19787d5d819695d60fbae543cdb8f398417e44467b1c926d9aca74a363955c357ffe2cf64bd1fcb92c0e7a87653d43045013350
- SSDEEP
  
  24576:SMpZ4OxwR1QcQq/W7ihb4bPWmBLXvPmVpTrdzjs00t:SuNZ7Ib8ZBL2/Xy
Score

8^/10

persistence
- Server Software Component: Terminal Services DLL
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2