1caf1fb4e5e27c69f33371f042d84b32978193c5c9cbc4f4c666cf601773a604 | Triage

Sharing

General

Target

41b15bcd31a421132f838608924dac04_JaffaCakes118
Size

159KB
Sample

241013-ya5cesvana
MD5

41b15bcd31a421132f838608924dac04
SHA1

68452f45e04725d180c1c5bd1eab3e0d259a2f29
SHA256

1caf1fb4e5e27c69f33371f042d84b32978193c5c9cbc4f4c666cf601773a604
SHA512

caed994747380ddaf7b9dd2a71e16e5723237352901faa56d3fabc3d0dfb9f7080e2d70498e1805ebb3707966d6139c7c1b4b43e1c4610df0d31013768628f16
SSDEEP

3072:1H8dK6lMb3mDTNmY2z9XHvv08o2HOTEDzGNZc0XXqC8ymj:1ck6ylHHvA2HOTGzGbc0KC8

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  41b15bcd31a421132f838608924dac04_JaffaCakes118
- Size
  
  159KB
- MD5
  
  41b15bcd31a421132f838608924dac04
- SHA1
  
  68452f45e04725d180c1c5bd1eab3e0d259a2f29
- SHA256
  
  1caf1fb4e5e27c69f33371f042d84b32978193c5c9cbc4f4c666cf601773a604
- SHA512
  
  caed994747380ddaf7b9dd2a71e16e5723237352901faa56d3fabc3d0dfb9f7080e2d70498e1805ebb3707966d6139c7c1b4b43e1c4610df0d31013768628f16
- SSDEEP
  
  3072:1H8dK6lMb3mDTNmY2z9XHvv08o2HOTEDzGNZc0XXqC8ymj:1ck6ylHHvA2HOTGzGbc0KC8
Score

8^/10

discovery persistence
- Server Software Component: Terminal Services DLL
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence