69fc114f6fa4855a4a059f5d137b76c7e589cf2231aeb0fdbdc7e6b187390e91 | Triage

Sharing

General

Target

add333043550c59cf6c79b3c369b9ab4_JaffaCakes118
Size

139KB
Sample

240820-et978swhlm
MD5

add333043550c59cf6c79b3c369b9ab4
SHA1

c2a9dfd9dda301a4a18042a5e4b114da0df71f9a
SHA256

69fc114f6fa4855a4a059f5d137b76c7e589cf2231aeb0fdbdc7e6b187390e91
SHA512

c8e82240ca250a4d3065fcf2e17e03f5657ac58ba040498b6cb42f080e1cecd394bd13e05286913e4ccb3e23b70d934f01d3a8addf84f34815cb4d96f5f983b8
SSDEEP

3072:zH+Mcv5JXXieDEvy1W7rkD+bnAIhRjaNO:zHl0ndEqgkCAaRGs

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  add333043550c59cf6c79b3c369b9ab4_JaffaCakes118
- Size
  
  139KB
- MD5
  
  add333043550c59cf6c79b3c369b9ab4
- SHA1
  
  c2a9dfd9dda301a4a18042a5e4b114da0df71f9a
- SHA256
  
  69fc114f6fa4855a4a059f5d137b76c7e589cf2231aeb0fdbdc7e6b187390e91
- SHA512
  
  c8e82240ca250a4d3065fcf2e17e03f5657ac58ba040498b6cb42f080e1cecd394bd13e05286913e4ccb3e23b70d934f01d3a8addf84f34815cb4d96f5f983b8
- SSDEEP
  
  3072:zH+Mcv5JXXieDEvy1W7rkD+bnAIhRjaNO:zHl0ndEqgkCAaRGs
Score

8^/10

discovery persistence
- Server Software Component: Terminal Services DLL
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence