65bf49a9e9c65dc613814fa4a1eb2067cf7029e285205114a12784a5f741d1a8 | Triage

Sharing

General

Target

81e07dcd4aba843776a775f6b2797022_JaffaCakes118
Size

1.1MB
Sample

240801-1thc4sxhkr
MD5

81e07dcd4aba843776a775f6b2797022
SHA1

7e8e46a2a8cb9a61b70e39d1c6c89b1e5d4f64fa
SHA256

65bf49a9e9c65dc613814fa4a1eb2067cf7029e285205114a12784a5f741d1a8
SHA512

19ce1fe5dcf6a873626eb85663f5f10c19be23b711a7c2eb2687af47876bb74659922cdde1dc841f8fc6346cebb055952315d003c1e61f42c206675f6422b1bd
SSDEEP

24576:SMpZ4OxwR1QcQq/W7ihb4bPWmBLXvPmVpTrdzjs00V:SuNZ7Ib8ZBL2/Xm

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  81e07dcd4aba843776a775f6b2797022_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  81e07dcd4aba843776a775f6b2797022
- SHA1
  
  7e8e46a2a8cb9a61b70e39d1c6c89b1e5d4f64fa
- SHA256
  
  65bf49a9e9c65dc613814fa4a1eb2067cf7029e285205114a12784a5f741d1a8
- SHA512
  
  19ce1fe5dcf6a873626eb85663f5f10c19be23b711a7c2eb2687af47876bb74659922cdde1dc841f8fc6346cebb055952315d003c1e61f42c206675f6422b1bd
- SSDEEP
  
  24576:SMpZ4OxwR1QcQq/W7ihb4bPWmBLXvPmVpTrdzjs00V:SuNZ7Ib8ZBL2/Xm
Score

8^/10

discovery persistence
- Server Software Component: Terminal Services DLL
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence