b7b63250f50a770ac784b678874ee3ebf2c024532898b230ddd74475b1c97a5c | Triage

Sharing

General

Target

a0d5db472852122595d18bc5cc8f07bb_JaffaCakes118
Size

237KB
Sample

240817-cn7tta1gka
MD5

a0d5db472852122595d18bc5cc8f07bb
SHA1

2294224b82dc5df83062bdb5f5dd67b03b1b0a56
SHA256

b7b63250f50a770ac784b678874ee3ebf2c024532898b230ddd74475b1c97a5c
SHA512

6e700d5deb166ae5bbd962cd7917ad66308b6d5047a5721c8d95944c4570b8399d9977f0b8df78a0236c7bac9ff69c432a4bb89e24d175aa3ae980922d31617a
SSDEEP

6144:0tzsb5Uh28+V1WW69B9VjMdxPedN9ug0z9TB9SEghwJi0CeaH5++YV5+Ie:0tzE5elwLz9Trvj0eaH5+5+l

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  a0d5db472852122595d18bc5cc8f07bb_JaffaCakes118
- Size
  
  237KB
- MD5
  
  a0d5db472852122595d18bc5cc8f07bb
- SHA1
  
  2294224b82dc5df83062bdb5f5dd67b03b1b0a56
- SHA256
  
  b7b63250f50a770ac784b678874ee3ebf2c024532898b230ddd74475b1c97a5c
- SHA512
  
  6e700d5deb166ae5bbd962cd7917ad66308b6d5047a5721c8d95944c4570b8399d9977f0b8df78a0236c7bac9ff69c432a4bb89e24d175aa3ae980922d31617a
- SSDEEP
  
  6144:0tzsb5Uh28+V1WW69B9VjMdxPedN9ug0z9TB9SEghwJi0CeaH5++YV5+Ie:0tzE5elwLz9Trvj0eaH5+5+l
Score

8^/10

persistence
- Server Software Component: Terminal Services DLL
  persistence
- Sets service image path in registry
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Server Software Component

Terminal Services DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2