33d747c0d7ad69727f5358df0fef7b50491442c73806755428cf5d105cfc5133 | Triage

Sharing

General

Target

7794d237b1d5a27fb84ef5e15e43eb0f_JaffaCakes118
Size

24KB
Sample

240727-kvn92sydnn
MD5

7794d237b1d5a27fb84ef5e15e43eb0f
SHA1

9009a7bb44d13d799b8db4abc232bac17506b32e
SHA256

33d747c0d7ad69727f5358df0fef7b50491442c73806755428cf5d105cfc5133
SHA512

b68ca025ef6e79f6bcab02fe99182f993269e8202d147a28e385fee451b5bf728a6cb7fa7fe9a7485b5031a03d1875100cb1f847992e137aac61e66fed3bac19
SSDEEP

384:iXdGP+MQ9aBfDnnZI1k/9lM0R5qWn3U38wkuFSPTAPJTW5Z:aGP+3aBLnsk/XM0RQW3U38wNSb4JTE

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  7794d237b1d5a27fb84ef5e15e43eb0f_JaffaCakes118
- Size
  
  24KB
- MD5
  
  7794d237b1d5a27fb84ef5e15e43eb0f
- SHA1
  
  9009a7bb44d13d799b8db4abc232bac17506b32e
- SHA256
  
  33d747c0d7ad69727f5358df0fef7b50491442c73806755428cf5d105cfc5133
- SHA512
  
  b68ca025ef6e79f6bcab02fe99182f993269e8202d147a28e385fee451b5bf728a6cb7fa7fe9a7485b5031a03d1875100cb1f847992e137aac61e66fed3bac19
- SSDEEP
  
  384:iXdGP+MQ9aBfDnnZI1k/9lM0R5qWn3U38wkuFSPTAPJTW5Z:aGP+3aBLnsk/XM0RQW3U38wNSb4JTE
Score

8^/10

discovery persistence
- Server Software Component: Terminal Services DLL
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence