2f760f8bc2eaca3df20fafdaeb10424ecd6d0ee7e2260a1b02d90be7bb8496d5 | Triage

Sharing

General

Target

e0b1d7fad1577f998fbd7f3b1ad736b0_JaffaCakes118
Size

183KB
Sample

240914-v9h2paxane
MD5

e0b1d7fad1577f998fbd7f3b1ad736b0
SHA1

27569fc55ad843f50b2f8256a5a76566303942f3
SHA256

2f760f8bc2eaca3df20fafdaeb10424ecd6d0ee7e2260a1b02d90be7bb8496d5
SHA512

209e1282b29c6bc37d6f9ac36cdc3d6b75a224270b38b27afec21b914294ae09563dcf321edbc9226f2715b922df2640c5d6b8fefbbff57f9c812e7b77201aba
SSDEEP

3072:33GCZi+u93O+KNr9hoOVGToadTutNNubNVFywb9Ve4kZJcMKQv+C25MOLdUr9hoO:KvWo/ToUatvubNawb9VOExRCiMOEo

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  e0b1d7fad1577f998fbd7f3b1ad736b0_JaffaCakes118
- Size
  
  183KB
- MD5
  
  e0b1d7fad1577f998fbd7f3b1ad736b0
- SHA1
  
  27569fc55ad843f50b2f8256a5a76566303942f3
- SHA256
  
  2f760f8bc2eaca3df20fafdaeb10424ecd6d0ee7e2260a1b02d90be7bb8496d5
- SHA512
  
  209e1282b29c6bc37d6f9ac36cdc3d6b75a224270b38b27afec21b914294ae09563dcf321edbc9226f2715b922df2640c5d6b8fefbbff57f9c812e7b77201aba
- SSDEEP
  
  3072:33GCZi+u93O+KNr9hoOVGToadTutNNubNVFywb9Ve4kZJcMKQv+C25MOLdUr9hoO:KvWo/ToUatvubNawb9VOExRCiMOEo
Score

8^/10

discovery persistence
- Server Software Component: Terminal Services DLL
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence