c40bdd194381f765a191f2ea46186b4b134efb4e3f231263643c8b536a7b752b | Triage

Sharing

General

Target

3e388d28658e65e91fdd0e907d7a107f_JaffaCakes118
Size

1.0MB
Sample

241013-gwekfswhqq
MD5

3e388d28658e65e91fdd0e907d7a107f
SHA1

2b452ee85e19e4f7afeb2884609b0c71e85f779c
SHA256

c40bdd194381f765a191f2ea46186b4b134efb4e3f231263643c8b536a7b752b
SHA512

52d980124bf50ea75a9cc1d2b1060f8a9715c60fb72cd73069e31f81e68638fc55949b9c05dd53bc5ed8cba1a64521e32d9960e21952f58c110c82539e66fcae
SSDEEP

3072:UGcL+PIrZUMMeWv/MpoJAfeK/+V1w6WvrrVic:4+kFM3v/eRbQWDr

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  3e388d28658e65e91fdd0e907d7a107f_JaffaCakes118
- Size
  
  1.0MB
- MD5
  
  3e388d28658e65e91fdd0e907d7a107f
- SHA1
  
  2b452ee85e19e4f7afeb2884609b0c71e85f779c
- SHA256
  
  c40bdd194381f765a191f2ea46186b4b134efb4e3f231263643c8b536a7b752b
- SHA512
  
  52d980124bf50ea75a9cc1d2b1060f8a9715c60fb72cd73069e31f81e68638fc55949b9c05dd53bc5ed8cba1a64521e32d9960e21952f58c110c82539e66fcae
- SSDEEP
  
  3072:UGcL+PIrZUMMeWv/MpoJAfeK/+V1w6WvrrVic:4+kFM3v/eRbQWDr
Score

8^/10

discovery persistence
- Server Software Component: Terminal Services DLL
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence