2f638cadd450174bd173c90332ff053f76a163046b0ce7167afa609ad2884b55 | Triage

Sharing

General

Target

6fe4a1312159d7293f6b69fe559a1772_JaffaCakes118
Size

82KB
Sample

240725-ret9pasepk
MD5

6fe4a1312159d7293f6b69fe559a1772
SHA1

2673e8019a0fb5304a4e6e8d0534cf686c51c238
SHA256

2f638cadd450174bd173c90332ff053f76a163046b0ce7167afa609ad2884b55
SHA512

06a2d4c7a821e094eb415e14d048563e0bde99745eb01e6d3901a54250cd76fe9417d1c5e3b49cc63fb13a052b9e9a1bd2fcd2af72c15e7a462065941e98cbd6
SSDEEP

1536:O958UEfYVP/CUiqJA8ickdNqGD4zlppofzOhk3UvBTgVVQav6WR:OAUWIP/C9oVi5d3DzfzOefV6fA

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  6fe4a1312159d7293f6b69fe559a1772_JaffaCakes118
- Size
  
  82KB
- MD5
  
  6fe4a1312159d7293f6b69fe559a1772
- SHA1
  
  2673e8019a0fb5304a4e6e8d0534cf686c51c238
- SHA256
  
  2f638cadd450174bd173c90332ff053f76a163046b0ce7167afa609ad2884b55
- SHA512
  
  06a2d4c7a821e094eb415e14d048563e0bde99745eb01e6d3901a54250cd76fe9417d1c5e3b49cc63fb13a052b9e9a1bd2fcd2af72c15e7a462065941e98cbd6
- SSDEEP
  
  1536:O958UEfYVP/CUiqJA8ickdNqGD4zlppofzOhk3UvBTgVVQav6WR:OAUWIP/C9oVi5d3DzfzOefV6fA
Score

8^/10

discovery persistence
- Server Software Component: Terminal Services DLL
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence