372e07ac0ba85e9efde692b967c7f12d49fb5ea502e93baa29196c35d2e41ea3 | Triage

Sharing

General

Target

76fd7e85d784f634f255644c0665fb03_JaffaCakes118
Size

131KB
Sample

240727-epe7aszalb
MD5

76fd7e85d784f634f255644c0665fb03
SHA1

68256e4d4c38ce278626f45f9ce23efa6d9b5eb5
SHA256

372e07ac0ba85e9efde692b967c7f12d49fb5ea502e93baa29196c35d2e41ea3
SHA512

d1798c0f64b6188476c345ab34c9a4ed1c8bedb4dd78b9d8860e2cfffde434d5ebe2be757143250d0c94ab0a1e35cf420597c62aea90faa0e271edb9c3e6010a
SSDEEP

3072:lvzFyms8JJVb5Ax6oDm2v1RF/9eHiabuOw3sCpJ+:lLuKJYHvvDFECa63se+

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  76fd7e85d784f634f255644c0665fb03_JaffaCakes118
- Size
  
  131KB
- MD5
  
  76fd7e85d784f634f255644c0665fb03
- SHA1
  
  68256e4d4c38ce278626f45f9ce23efa6d9b5eb5
- SHA256
  
  372e07ac0ba85e9efde692b967c7f12d49fb5ea502e93baa29196c35d2e41ea3
- SHA512
  
  d1798c0f64b6188476c345ab34c9a4ed1c8bedb4dd78b9d8860e2cfffde434d5ebe2be757143250d0c94ab0a1e35cf420597c62aea90faa0e271edb9c3e6010a
- SSDEEP
  
  3072:lvzFyms8JJVb5Ax6oDm2v1RF/9eHiabuOw3sCpJ+:lLuKJYHvvDFECa63se+
Score

8^/10

discovery persistence
- Drops file in Drivers directory
- Server Software Component: Terminal Services DLL
  persistence
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence