aa7bd0132535ceac52a6f36c3730053b1d15af167d4a630139d732647f71b83f | Triage

Sharing

General

Target

05c10572b8a7e586b029d723671c97c3_JaffaCakes118
Size

124KB
Sample

240620-n27xhswcnb
MD5

05c10572b8a7e586b029d723671c97c3
SHA1

acd5f7a3679190d5bb65277cd1fdb87e5c5b83d8
SHA256

aa7bd0132535ceac52a6f36c3730053b1d15af167d4a630139d732647f71b83f
SHA512

a185580277136119688504687c15bc45d534a5f1bda6f5e9e58ad2ddbee2b11b1d9a23415642091806046f1e7e63e8823cb30640258a2ccdeb8255fe74814ca0
SSDEEP

1536:trgzsp9HyEJ1y7BXr3UBZHxZiOaZupjCswNb1GGGZZmliLFcHo5A4PXHuAkl5zCH:tFHyEJmmvR5Br6bGZQiLiHo5LWAE5zY

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  05c10572b8a7e586b029d723671c97c3_JaffaCakes118
- Size
  
  124KB
- MD5
  
  05c10572b8a7e586b029d723671c97c3
- SHA1
  
  acd5f7a3679190d5bb65277cd1fdb87e5c5b83d8
- SHA256
  
  aa7bd0132535ceac52a6f36c3730053b1d15af167d4a630139d732647f71b83f
- SHA512
  
  a185580277136119688504687c15bc45d534a5f1bda6f5e9e58ad2ddbee2b11b1d9a23415642091806046f1e7e63e8823cb30640258a2ccdeb8255fe74814ca0
- SSDEEP
  
  1536:trgzsp9HyEJ1y7BXr3UBZHxZiOaZupjCswNb1GGGZZmliLFcHo5A4PXHuAkl5zCH:tFHyEJmmvR5Br6bGZQiLiHo5LWAE5zY
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2