378d720ecbe3e27ae283257f0e15bebbfabab4610c929a91a1b19226d3e787e5 | Triage

Sharing

General

Target

04880fd0b2663d31f63141ad83948d11_JaffaCakes118
Size

14KB
Sample

240620-kyak3atbkq
MD5

04880fd0b2663d31f63141ad83948d11
SHA1

64c535757dc7d41cd82710e4202f0ac9e17412cd
SHA256

378d720ecbe3e27ae283257f0e15bebbfabab4610c929a91a1b19226d3e787e5
SHA512

cc5e1f252222965180c6347107b665430a448de122d0934f5a512fa1ab90d56720669ab7a0ee6ad1481f239815512bb0d02377556a527c9df0e0819cfed9a22a
SSDEEP

384:d94Q5CpkV+svcYEe5JJblqdOI3H+eQwxZ6//WiP9LmSB+cllklN:d9HCRybEKlgOIOdwvm/W0xAN

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  04880fd0b2663d31f63141ad83948d11_JaffaCakes118
- Size
  
  14KB
- MD5
  
  04880fd0b2663d31f63141ad83948d11
- SHA1
  
  64c535757dc7d41cd82710e4202f0ac9e17412cd
- SHA256
  
  378d720ecbe3e27ae283257f0e15bebbfabab4610c929a91a1b19226d3e787e5
- SHA512
  
  cc5e1f252222965180c6347107b665430a448de122d0934f5a512fa1ab90d56720669ab7a0ee6ad1481f239815512bb0d02377556a527c9df0e0819cfed9a22a
- SSDEEP
  
  384:d94Q5CpkV+svcYEe5JJblqdOI3H+eQwxZ6//WiP9LmSB+cllklN:d9HCRybEKlgOIOdwvm/W0xAN
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation