bedbfaa8de9ace6a752223c097559ff6cf982af681f4be5a8f1d42f658a1e822 | Triage

Sharing

General

Target

07d79e75cabf8faef307cae9cf35ea83_JaffaCakes118
Size

100KB
Sample

240624-l2f3pazeml
MD5

07d79e75cabf8faef307cae9cf35ea83
SHA1

4ffc32cbe76a57212b76a7f182d35cdd89ab78cb
SHA256

bedbfaa8de9ace6a752223c097559ff6cf982af681f4be5a8f1d42f658a1e822
SHA512

9cdb8d9046017238e7cf84c6f8c9b3fad7e58f0b6e63a9f3b94c80e9b2d291016d4ba94607d8bc0b88678ea3ab36dd4b2e68d81336ac640e735547567aaa7296
SSDEEP

1536:mhVnGd9oT4GJ+NjJsZrHbPmC/k9MLCYgErlOMjMg0Yl5Lgo4zHYRIA:mDGdekoMMjbPv/kaLC21x0YPLgo47Y

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  07d79e75cabf8faef307cae9cf35ea83_JaffaCakes118
- Size
  
  100KB
- MD5
  
  07d79e75cabf8faef307cae9cf35ea83
- SHA1
  
  4ffc32cbe76a57212b76a7f182d35cdd89ab78cb
- SHA256
  
  bedbfaa8de9ace6a752223c097559ff6cf982af681f4be5a8f1d42f658a1e822
- SHA512
  
  9cdb8d9046017238e7cf84c6f8c9b3fad7e58f0b6e63a9f3b94c80e9b2d291016d4ba94607d8bc0b88678ea3ab36dd4b2e68d81336ac640e735547567aaa7296
- SSDEEP
  
  1536:mhVnGd9oT4GJ+NjJsZrHbPmC/k9MLCYgErlOMjMg0Yl5Lgo4zHYRIA:mDGdekoMMjbPv/kaLC21x0YPLgo47Y
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation