885ca39343b5419eaa4e1a40ef80427297ef040b409ccdcfb6aca5a6d48cac85 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fe8b621b05909abd70541d381013070d_JaffaCakes118
Size

63KB
Sample

240929-pt42bsxhlb
MD5

fe8b621b05909abd70541d381013070d
SHA1

343d014c0faba4c23ea766eeba8e04b675a063fd
SHA256

885ca39343b5419eaa4e1a40ef80427297ef040b409ccdcfb6aca5a6d48cac85
SHA512

145d89eb434cda5417611a87b91a0710e33b77374baa06bee1d63973b007c1846f4694d8950d112f095a952335a02a4c67eead017f80bfdc5243012eb3cd16d1
SSDEEP

768:rdGvJuM1O/slq3zvBTn7OaTddzcShxRryvWbUn7JOdegxoES8x4Xejv8PACNAbD8:rch9blOpnndCoy74d3xoESxjNUK6H9Sr

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  fe8b621b05909abd70541d381013070d_JaffaCakes118
- Size
  
  63KB
- MD5
  
  fe8b621b05909abd70541d381013070d
- SHA1
  
  343d014c0faba4c23ea766eeba8e04b675a063fd
- SHA256
  
  885ca39343b5419eaa4e1a40ef80427297ef040b409ccdcfb6aca5a6d48cac85
- SHA512
  
  145d89eb434cda5417611a87b91a0710e33b77374baa06bee1d63973b007c1846f4694d8950d112f095a952335a02a4c67eead017f80bfdc5243012eb3cd16d1
- SSDEEP
  
  768:rdGvJuM1O/slq3zvBTn7OaTddzcShxRryvWbUn7JOdegxoES8x4Xejv8PACNAbD8:rch9blOpnndCoy74d3xoESxjNUK6H9Sr
Score

8^/10

discovery persistence
- Server Software Component: Terminal Services DLL
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence