297506e41c784cffc6c9ae9090bec017835493b912400265102ce6a535c62bca | Triage

Sharing

General

Target

cfa0d4baf3479a00360752f428b024dc_JaffaCakes118
Size

111KB
Sample

240906-qlyd9aygqe
MD5

cfa0d4baf3479a00360752f428b024dc
SHA1

f65ea151014639cf32838d30cfd353fadf2522ad
SHA256

297506e41c784cffc6c9ae9090bec017835493b912400265102ce6a535c62bca
SHA512

b2556b2bce59a97da7d4a0d7e0b4c9158d3c74a80d6fe8a0fad6ff63c28f6ff10b73817ab91b1a90a02f3e7e08dc0b99fdb007331da58fa6b9b1496f577d34d5
SSDEEP

3072:4+f+23qAfAM2V7K9R6wJjU+H2GH0RF4t+vas:4+f+eq0SxwtU5GHsGt+P

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  cfa0d4baf3479a00360752f428b024dc_JaffaCakes118
- Size
  
  111KB
- MD5
  
  cfa0d4baf3479a00360752f428b024dc
- SHA1
  
  f65ea151014639cf32838d30cfd353fadf2522ad
- SHA256
  
  297506e41c784cffc6c9ae9090bec017835493b912400265102ce6a535c62bca
- SHA512
  
  b2556b2bce59a97da7d4a0d7e0b4c9158d3c74a80d6fe8a0fad6ff63c28f6ff10b73817ab91b1a90a02f3e7e08dc0b99fdb007331da58fa6b9b1496f577d34d5
- SSDEEP
  
  3072:4+f+23qAfAM2V7K9R6wJjU+H2GH0RF4t+vas:4+f+eq0SxwtU5GHsGt+P
Score

8^/10

persistence discovery
- Server Software Component: Terminal Services DLL
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2