2455a5d1805bbb019ca88c93a8f8a099a42e552528619a51d3eebe06684237b1 | Triage

Sharing

General

Target

20d3fdf6c84e22fa3a41a9b53820ba61_JaffaCakes118
Size

183KB
Sample

240703-dax8wstdrc
MD5

20d3fdf6c84e22fa3a41a9b53820ba61
SHA1

86f220a6b048ea3fb4bdd10c8a8aca7c8e320682
SHA256

2455a5d1805bbb019ca88c93a8f8a099a42e552528619a51d3eebe06684237b1
SHA512

e2bdf06db24f9021931a470cd98019161368024d6c9e616d639edc261b3d601c0c917f22a045ed3bf0d0c07f80fab266bb1a34b7a2815e2cb9917408176fa694
SSDEEP

3072:83GCZi+u93NyBNr9hoOVGToadTutNaubNVFywb9Ve4kZJcMKQv+C25MOLdUr9hoO:Zv4o/ToUatsubNawb9VOExRCiMOEo

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  20d3fdf6c84e22fa3a41a9b53820ba61_JaffaCakes118
- Size
  
  183KB
- MD5
  
  20d3fdf6c84e22fa3a41a9b53820ba61
- SHA1
  
  86f220a6b048ea3fb4bdd10c8a8aca7c8e320682
- SHA256
  
  2455a5d1805bbb019ca88c93a8f8a099a42e552528619a51d3eebe06684237b1
- SHA512
  
  e2bdf06db24f9021931a470cd98019161368024d6c9e616d639edc261b3d601c0c917f22a045ed3bf0d0c07f80fab266bb1a34b7a2815e2cb9917408176fa694
- SSDEEP
  
  3072:83GCZi+u93NyBNr9hoOVGToadTutNaubNVFywb9Ve4kZJcMKQv+C25MOLdUr9hoO:Zv4o/ToUatsubNawb9VOExRCiMOEo
Score

8^/10

persistence
- Server Software Component: Terminal Services DLL
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2