7f455b0495febcd166e5665a2c728deffaafba9d3d8d9cf626cc5334f6f038eb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aba41cf649667529b5a5fed0ebbcbfea_JaffaCakes118
Size

295KB
Sample

240819-td4svatarc
MD5

aba41cf649667529b5a5fed0ebbcbfea
SHA1

bfb0b80270c9bac7b9a4b0342d7b9cbdc8ca18cb
SHA256

7f455b0495febcd166e5665a2c728deffaafba9d3d8d9cf626cc5334f6f038eb
SHA512

cfa1204bcd2e5381fd148f1d7cb47c4d9e6bfb6a02dbf8ebdb2a54b2b37303eccb37ca289a3808d6df6d9981d086a8363e7c7ff8579510f055661d4f3ee6475c
SSDEEP

6144:BcxFnVSVQlIznAGkf2RHatMG0X2Jvmow1SqmJz/lrCDO6ABvk3:63nVcif2R6tfcvow1SdleDPAB8

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  aba41cf649667529b5a5fed0ebbcbfea_JaffaCakes118
- Size
  
  295KB
- MD5
  
  aba41cf649667529b5a5fed0ebbcbfea
- SHA1
  
  bfb0b80270c9bac7b9a4b0342d7b9cbdc8ca18cb
- SHA256
  
  7f455b0495febcd166e5665a2c728deffaafba9d3d8d9cf626cc5334f6f038eb
- SHA512
  
  cfa1204bcd2e5381fd148f1d7cb47c4d9e6bfb6a02dbf8ebdb2a54b2b37303eccb37ca289a3808d6df6d9981d086a8363e7c7ff8579510f055661d4f3ee6475c
- SSDEEP
  
  6144:BcxFnVSVQlIznAGkf2RHatMG0X2Jvmow1SqmJz/lrCDO6ABvk3:63nVcif2R6tfcvow1SdleDPAB8
Score

8^/10

discovery persistence
- Server Software Component: Terminal Services DLL
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence