56c6f04a5bba2d3d4c7c984f8797882075752c8fdbe536ba32fbde6f642a2129 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ce9c0ae66f8837b9a00b6f5305de1bfd_JaffaCakes118
Size

123KB
Sample

240906-em8e3averq
MD5

ce9c0ae66f8837b9a00b6f5305de1bfd
SHA1

d6d621b708560205179e22d9f135c66b6c3719f3
SHA256

56c6f04a5bba2d3d4c7c984f8797882075752c8fdbe536ba32fbde6f642a2129
SHA512

1d1d8dbe8c4f12afce426f292d6d94c2dacd7101b4653162b1680eebc5ad19d981ecd863d39fce72eb82a8b55208a6d117b88539b36a4508e018b80937ea555e
SSDEEP

3072:i7hfITuPj0mzvyqAHDkzs0td6E9kdmKv+3NI:KfITPs1AH41tc+kdmKv+

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  ce9c0ae66f8837b9a00b6f5305de1bfd_JaffaCakes118
- Size
  
  123KB
- MD5
  
  ce9c0ae66f8837b9a00b6f5305de1bfd
- SHA1
  
  d6d621b708560205179e22d9f135c66b6c3719f3
- SHA256
  
  56c6f04a5bba2d3d4c7c984f8797882075752c8fdbe536ba32fbde6f642a2129
- SHA512
  
  1d1d8dbe8c4f12afce426f292d6d94c2dacd7101b4653162b1680eebc5ad19d981ecd863d39fce72eb82a8b55208a6d117b88539b36a4508e018b80937ea555e
- SSDEEP
  
  3072:i7hfITuPj0mzvyqAHDkzs0td6E9kdmKv+3NI:KfITPs1AH41tc+kdmKv+
Score

8^/10

discovery persistence
- Server Software Component: Terminal Services DLL
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence