b79adcb51cc919bc87f1b1f82d37418e8b14eb33b805a07cd1047cfd7e58cdea | Triage

Sharing

General

Target

a20ffde4a70678d87e47494da25010d6_JaffaCakes118
Size

278KB
Sample

240817-lrtk2ayhkg
MD5

a20ffde4a70678d87e47494da25010d6
SHA1

5cf80cbe7bcaddd3f9731c94c2913d34c7c89ae4
SHA256

b79adcb51cc919bc87f1b1f82d37418e8b14eb33b805a07cd1047cfd7e58cdea
SHA512

0ea82491bf66721a9f80aad5a4c1d283f83a0bdee2453911d5ed3c55e0064a50c3c7ae1f1d8ffca7a8845a457c7418dab2fae4f51dcdfa1beb80759bed99fe85
SSDEEP

6144:tdN39Z+vQsYFiqav4nDWgRAkP0KGQn8xID0DMFLqCtOiuU2yyvDMTQQ:NtZ+4sN2R3P9GLxe0D4H1ovDMT5

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  a20ffde4a70678d87e47494da25010d6_JaffaCakes118
- Size
  
  278KB
- MD5
  
  a20ffde4a70678d87e47494da25010d6
- SHA1
  
  5cf80cbe7bcaddd3f9731c94c2913d34c7c89ae4
- SHA256
  
  b79adcb51cc919bc87f1b1f82d37418e8b14eb33b805a07cd1047cfd7e58cdea
- SHA512
  
  0ea82491bf66721a9f80aad5a4c1d283f83a0bdee2453911d5ed3c55e0064a50c3c7ae1f1d8ffca7a8845a457c7418dab2fae4f51dcdfa1beb80759bed99fe85
- SSDEEP
  
  6144:tdN39Z+vQsYFiqav4nDWgRAkP0KGQn8xID0DMFLqCtOiuU2yyvDMTQQ:NtZ+4sN2R3P9GLxe0D4H1ovDMT5
Score

8^/10

discovery persistence
- Server Software Component: Terminal Services DLL
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence