9f7e4792db4b31f0ca10f45f4ab8464454f27aea61543b420130bf96c494da5d | Triage

Sharing

General

Target

d2fa4e174ff131436979732faed742f3_JaffaCakes118
Size

231KB
Sample

240907-2jqgea1hjd
MD5

d2fa4e174ff131436979732faed742f3
SHA1

dbed2056a723f80f2fcdc5616679e3cb37f372c5
SHA256

9f7e4792db4b31f0ca10f45f4ab8464454f27aea61543b420130bf96c494da5d
SHA512

d9ce9d4dc39aa6844caaab7171f506fecfb98fd15381a093b5847c121d54a6ff7f2ed4b89199148763704b9decf1ae125454ea92dfeb6c34d913ed31c89c225f
SSDEEP

6144:sF+nAqM1SSesHe8DE8Iq0vROklweCp4a+8aX:o+nAR1dHe8DjYspzaX

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  d2fa4e174ff131436979732faed742f3_JaffaCakes118
- Size
  
  231KB
- MD5
  
  d2fa4e174ff131436979732faed742f3
- SHA1
  
  dbed2056a723f80f2fcdc5616679e3cb37f372c5
- SHA256
  
  9f7e4792db4b31f0ca10f45f4ab8464454f27aea61543b420130bf96c494da5d
- SHA512
  
  d9ce9d4dc39aa6844caaab7171f506fecfb98fd15381a093b5847c121d54a6ff7f2ed4b89199148763704b9decf1ae125454ea92dfeb6c34d913ed31c89c225f
- SSDEEP
  
  6144:sF+nAqM1SSesHe8DE8Iq0vROklweCp4a+8aX:o+nAR1dHe8DjYspzaX
Score

8^/10

discovery persistence
- Server Software Component: Terminal Services DLL
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence