6fb8e782e4ca177914a0ce472daed1960153022e8cefd8223f03fb1beb243463 | Triage

Sharing

General

Target

95cbbac5ebe1ce19684070afc6aa5cac_JaffaCakes118
Size

73KB
Sample

240814-my9fhayama
MD5

95cbbac5ebe1ce19684070afc6aa5cac
SHA1

5ed0992eec38ed0190058d1c8ad4b0e756d7044a
SHA256

6fb8e782e4ca177914a0ce472daed1960153022e8cefd8223f03fb1beb243463
SHA512

f36ed0d281aeddb95a41857b59ee9ce77e0d3bbc22c1254689f06197c87352d5da13c46a566c3fd82a3fa1653383e015b7ad35b56f7b5dc9a7f9de84cba39d18
SSDEEP

1536:qu0s+S3laAGcvKen/VFnToIfITRur5ZvNTeiFp0zA+V/R8:f0s+Sien/VtTBfITRur5ZvNTeiP0Z

Score

8^/10

discovery persistence vmprotect

Malware Config

Targets

- Target
  
  95cbbac5ebe1ce19684070afc6aa5cac_JaffaCakes118
- Size
  
  73KB
- MD5
  
  95cbbac5ebe1ce19684070afc6aa5cac
- SHA1
  
  5ed0992eec38ed0190058d1c8ad4b0e756d7044a
- SHA256
  
  6fb8e782e4ca177914a0ce472daed1960153022e8cefd8223f03fb1beb243463
- SHA512
  
  f36ed0d281aeddb95a41857b59ee9ce77e0d3bbc22c1254689f06197c87352d5da13c46a566c3fd82a3fa1653383e015b7ad35b56f7b5dc9a7f9de84cba39d18
- SSDEEP
  
  1536:qu0s+S3laAGcvKen/VFnToIfITRur5ZvNTeiFp0zA+V/R8:f0s+Sien/VtTBfITRur5ZvNTeiP0Z
Score

8^/10

discovery persistence
- Server Software Component: Terminal Services DLL
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2