a84a292b5d1b581da70f4a59139cadaa5fb057d404586da7068f1ae5be393eb6 | Triage

Sharing

General

Target

1048e08c6e262d14dce46efb179f5b1a_JaffaCakes118
Size

76KB
Sample

241003-yg7q5atbkq
MD5

1048e08c6e262d14dce46efb179f5b1a
SHA1

36b6665192c057681d8f62c792acf29a0beabf13
SHA256

a84a292b5d1b581da70f4a59139cadaa5fb057d404586da7068f1ae5be393eb6
SHA512

c0937adb7984ce3c0afc531676cb86e0d0c3306345a8f483cdff5d1d7b2bbb23196e16027a0fa697a14e2201832dfcd7974818dfda9f2e826dd149a74a4a717c
SSDEEP

1536:VP6CN+iMRMuFnToIfGNvxQQvJ0ehEdfDYsvYBRaAosy:VP6CN+iMntTBfGSYsvYBEA+

Score

8^/10

defense_evasion discovery persistence

Malware Config

Targets

- Target
  
  1048e08c6e262d14dce46efb179f5b1a_JaffaCakes118
- Size
  
  76KB
- MD5
  
  1048e08c6e262d14dce46efb179f5b1a
- SHA1
  
  36b6665192c057681d8f62c792acf29a0beabf13
- SHA256
  
  a84a292b5d1b581da70f4a59139cadaa5fb057d404586da7068f1ae5be393eb6
- SHA512
  
  c0937adb7984ce3c0afc531676cb86e0d0c3306345a8f483cdff5d1d7b2bbb23196e16027a0fa697a14e2201832dfcd7974818dfda9f2e826dd149a74a4a717c
- SSDEEP
  
  1536:VP6CN+iMRMuFnToIfGNvxQQvJ0ehEdfDYsvYBRaAosy:VP6CN+iMntTBfGSYsvYBEA+
Score

8^/10

defense_evasion discovery persistence
- Server Software Component: Terminal Services DLL
  persistence
- Loads dropped DLL
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoverypersistence

behavioral2

defense_evasiondiscoverypersistence