dfcf3a086b72cb0c0625dbcdf34ffe04e29221c739309e656e853d455accbd9f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

af90f0f2d94d5d345944d78207f758c2_JaffaCakes118
Size

1.2MB
Sample

240820-rpstls1ajj
MD5

af90f0f2d94d5d345944d78207f758c2
SHA1

24e0505e9385c461165be294bd512260ac674842
SHA256

dfcf3a086b72cb0c0625dbcdf34ffe04e29221c739309e656e853d455accbd9f
SHA512

834748de1ea78748eed798318f946b9201caf808c05e7e5db61c5bce26706359c3c5d8bdff3495b67d603599618811be47a80bf5aaa86ffe6ac9e458a41848e6
SSDEEP

3072:dwiiaFspa8tnGzeeMIqcFnnPgOBTil8lVWPt+uS0YJH08c1:dGEknGzeeMIqcFYwilr+ueJ

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  af90f0f2d94d5d345944d78207f758c2_JaffaCakes118
- Size
  
  1.2MB
- MD5
  
  af90f0f2d94d5d345944d78207f758c2
- SHA1
  
  24e0505e9385c461165be294bd512260ac674842
- SHA256
  
  dfcf3a086b72cb0c0625dbcdf34ffe04e29221c739309e656e853d455accbd9f
- SHA512
  
  834748de1ea78748eed798318f946b9201caf808c05e7e5db61c5bce26706359c3c5d8bdff3495b67d603599618811be47a80bf5aaa86ffe6ac9e458a41848e6
- SSDEEP
  
  3072:dwiiaFspa8tnGzeeMIqcFnnPgOBTil8lVWPt+uS0YJH08c1:dGEknGzeeMIqcFYwilr+ueJ
Score

8^/10

discovery persistence
- Server Software Component: Terminal Services DLL
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence