92a1c788f8930f6dbfe20a980f644f2710501c520639d09f81afa5ff2cca9cff | Triage

Sharing

General

Target

791f79bd0d45d2e0034ca9ecfa6c2d78_JaffaCakes118
Size

88KB
Sample

240727-w1e44ssern
MD5

791f79bd0d45d2e0034ca9ecfa6c2d78
SHA1

9c58f35a202257aa6e54d83b23b89d6d6a68b426
SHA256

92a1c788f8930f6dbfe20a980f644f2710501c520639d09f81afa5ff2cca9cff
SHA512

1a645a601e7f03a1ce9ed70bfe534f7e3d8265d7a93ae3895151479324ee00be83ea4d0a81d11379cbcdd62a4a639f33025c6271731db135d6e6a9bbeaefddb4
SSDEEP

1536:dtZHJGPKZi+unw3uzV1c/D6t5YppoNr9hTcOujjwGTr0aIiksSaV1K7ZNK:n3GCZi+u93SCNNr9hoOVGToadTutNK

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  791f79bd0d45d2e0034ca9ecfa6c2d78_JaffaCakes118
- Size
  
  88KB
- MD5
  
  791f79bd0d45d2e0034ca9ecfa6c2d78
- SHA1
  
  9c58f35a202257aa6e54d83b23b89d6d6a68b426
- SHA256
  
  92a1c788f8930f6dbfe20a980f644f2710501c520639d09f81afa5ff2cca9cff
- SHA512
  
  1a645a601e7f03a1ce9ed70bfe534f7e3d8265d7a93ae3895151479324ee00be83ea4d0a81d11379cbcdd62a4a639f33025c6271731db135d6e6a9bbeaefddb4
- SSDEEP
  
  1536:dtZHJGPKZi+unw3uzV1c/D6t5YppoNr9hTcOujjwGTr0aIiksSaV1K7ZNK:n3GCZi+u93SCNNr9hoOVGToadTutNK
Score

8^/10

discovery persistence
- Server Software Component: Terminal Services DLL
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence