9232095334601fe26dd449e0e384a766f6f80e6edd72729c38abfd03a7d5a578 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c051e3bc594ff393268de6ef0b34beab_JaffaCakes118
Size

63KB
Sample

240825-j6qrkstgqf
MD5

c051e3bc594ff393268de6ef0b34beab
SHA1

1a492ef65854c61b188236f9a7de9039e7fec096
SHA256

9232095334601fe26dd449e0e384a766f6f80e6edd72729c38abfd03a7d5a578
SHA512

52812be3e4c4a539b3e349836a7a216d9c8212a10a04e23f40ea844c9098365534ecddc6cd797072d2c00bb63215a98bb1449c5a8d25aeb5101e945e710bbd83
SSDEEP

768:ldGvJuh51O/szqazvtUas2vBJxxJiJVEn/tdIWDHjdLI46YG2VskruTlNijNzH:lchqbzZtFpv8AdcsW76

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  c051e3bc594ff393268de6ef0b34beab_JaffaCakes118
- Size
  
  63KB
- MD5
  
  c051e3bc594ff393268de6ef0b34beab
- SHA1
  
  1a492ef65854c61b188236f9a7de9039e7fec096
- SHA256
  
  9232095334601fe26dd449e0e384a766f6f80e6edd72729c38abfd03a7d5a578
- SHA512
  
  52812be3e4c4a539b3e349836a7a216d9c8212a10a04e23f40ea844c9098365534ecddc6cd797072d2c00bb63215a98bb1449c5a8d25aeb5101e945e710bbd83
- SSDEEP
  
  768:ldGvJuh51O/szqazvtUas2vBJxxJiJVEn/tdIWDHjdLI46YG2VskruTlNijNzH:lchqbzZtFpv8AdcsW76
Score

8^/10

discovery persistence
- Server Software Component: Terminal Services DLL
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence