b3f06a393e659ba213a529f64cf5693faad1394e06376fd9e576ee2a58fae94b | Triage

Sharing

General

Target

cf194b76e83bc9ff7934233ca1928593_JaffaCakes118
Size

169KB
Sample

240906-j8qvcswcjn
MD5

cf194b76e83bc9ff7934233ca1928593
SHA1

e42b757498c6cc4999a24ac971c6f50addf295fc
SHA256

b3f06a393e659ba213a529f64cf5693faad1394e06376fd9e576ee2a58fae94b
SHA512

0293cb3aae3d966ce9bf204a550a2b503168a353a15ff516b7d55048c323d4f105ccf059ea7192ad710169e289cbb1b973b1c745de251d823daa03a5e82d75bb
SSDEEP

3072:s/+0e9ccSfNgbLZ1g4QYRPpLq8ZjA/du1hQPj:s/+0fTfNsLZTQsPpL1Z0/du1g

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  cf194b76e83bc9ff7934233ca1928593_JaffaCakes118
- Size
  
  169KB
- MD5
  
  cf194b76e83bc9ff7934233ca1928593
- SHA1
  
  e42b757498c6cc4999a24ac971c6f50addf295fc
- SHA256
  
  b3f06a393e659ba213a529f64cf5693faad1394e06376fd9e576ee2a58fae94b
- SHA512
  
  0293cb3aae3d966ce9bf204a550a2b503168a353a15ff516b7d55048c323d4f105ccf059ea7192ad710169e289cbb1b973b1c745de251d823daa03a5e82d75bb
- SSDEEP
  
  3072:s/+0e9ccSfNgbLZ1g4QYRPpLq8ZjA/du1hQPj:s/+0fTfNsLZTQsPpL1Z0/du1g
Score

8^/10

discovery persistence
- Drops file in Drivers directory
- Server Software Component: Terminal Services DLL
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2