47ae5e9df2fdb041f908b1c6a8adf9f9ca1d89bc62f086eaf426fd12615a92f0 | Triage

Sharing

General

Target

82d1a951db561143d9be97a2df450c08_JaffaCakes118
Size

279KB
Sample

240802-dnct4ssfmj
MD5

82d1a951db561143d9be97a2df450c08
SHA1

598816ffbb857172206f06cd4eadbc1324d07327
SHA256

47ae5e9df2fdb041f908b1c6a8adf9f9ca1d89bc62f086eaf426fd12615a92f0
SHA512

d242aac7e53db151e5564d915e058e3c73c0e43df81cca99a564d690927ee23fbbc964512ab59a48a2b5228a262351b2d01024544013bfdab440f1dfaea2bf6b
SSDEEP

6144:M5tElnhxpZQSDV78lSuutn23IretJY21eQQfba2KIuu5t4H4M5Dbtsz74z+ewuHx:StYvQe74ven6ImJ11GbzblIH4yDOX4zP

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  82d1a951db561143d9be97a2df450c08_JaffaCakes118
- Size
  
  279KB
- MD5
  
  82d1a951db561143d9be97a2df450c08
- SHA1
  
  598816ffbb857172206f06cd4eadbc1324d07327
- SHA256
  
  47ae5e9df2fdb041f908b1c6a8adf9f9ca1d89bc62f086eaf426fd12615a92f0
- SHA512
  
  d242aac7e53db151e5564d915e058e3c73c0e43df81cca99a564d690927ee23fbbc964512ab59a48a2b5228a262351b2d01024544013bfdab440f1dfaea2bf6b
- SSDEEP
  
  6144:M5tElnhxpZQSDV78lSuutn23IretJY21eQQfba2KIuu5t4H4M5Dbtsz74z+ewuHx:StYvQe74ven6ImJ11GbzblIH4yDOX4zP
Score

8^/10

discovery persistence
- Drops file in Drivers directory
- Server Software Component: Terminal Services DLL
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Server Software Component

Terminal Services DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence