f793536755c6841b5b9764c1a922f63adb7ef7e8934aac1ec2be4759c2e0edec | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b5151630deb01c3f1d562d702c43374_JaffaCakes118
Size

77KB
Sample

240624-3pcm6sycjb
MD5

0b5151630deb01c3f1d562d702c43374
SHA1

ec51e0ac4cbf84634178eabca6878d3e6f747acb
SHA256

f793536755c6841b5b9764c1a922f63adb7ef7e8934aac1ec2be4759c2e0edec
SHA512

4e2182cc5030526aa2c3ec4290b272412bb7403632407823657aeb2e598bec0f1ebe22bfdd4c8c3fd027a28ce6e6e237acb1d9ada7aa87838a4b39cc74bf1792
SSDEEP

1536:+3zYZu0Ex2RgY4NcF8hsN/HSrFQUQO7Go8o6JlIK:rfErMlNafCo8o6JlIK

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  0b5151630deb01c3f1d562d702c43374_JaffaCakes118
- Size
  
  77KB
- MD5
  
  0b5151630deb01c3f1d562d702c43374
- SHA1
  
  ec51e0ac4cbf84634178eabca6878d3e6f747acb
- SHA256
  
  f793536755c6841b5b9764c1a922f63adb7ef7e8934aac1ec2be4759c2e0edec
- SHA512
  
  4e2182cc5030526aa2c3ec4290b272412bb7403632407823657aeb2e598bec0f1ebe22bfdd4c8c3fd027a28ce6e6e237acb1d9ada7aa87838a4b39cc74bf1792
- SSDEEP
  
  1536:+3zYZu0Ex2RgY4NcF8hsN/HSrFQUQO7Go8o6JlIK:rfErMlNafCo8o6JlIK
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

persistenceprivilege_escalation