c8f0324c9e2813f03441ef19a42c9a735485f166f72b7894c2fcef827351f3cd | Triage

Sharing

General

Target

07c0b0ae07f37d248d0fa07a57021e74_JaffaCakes118
Size

92KB
Sample

240624-lmhb7sygmq
MD5

07c0b0ae07f37d248d0fa07a57021e74
SHA1

5376ceb530902a7a92a67692ea2a9a326ab45a90
SHA256

c8f0324c9e2813f03441ef19a42c9a735485f166f72b7894c2fcef827351f3cd
SHA512

e0a8bf2edc9910996a98e7adc32ee7a71f10c3fa697580fd413d5057a865a1162c6aafd11100f84a5870d53db291db5f4fd4cbcff91b3ca992411c3418150fd2
SSDEEP

1536:vLwE6EOWzT77lvnRGbPBjqaR5gjp/8m2Tg4srcejaVCCuhUk1sTLzMo:cE61K3lPRI1qaR5Cp/8RbsrcejaWSKsb

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  07c0b0ae07f37d248d0fa07a57021e74_JaffaCakes118
- Size
  
  92KB
- MD5
  
  07c0b0ae07f37d248d0fa07a57021e74
- SHA1
  
  5376ceb530902a7a92a67692ea2a9a326ab45a90
- SHA256
  
  c8f0324c9e2813f03441ef19a42c9a735485f166f72b7894c2fcef827351f3cd
- SHA512
  
  e0a8bf2edc9910996a98e7adc32ee7a71f10c3fa697580fd413d5057a865a1162c6aafd11100f84a5870d53db291db5f4fd4cbcff91b3ca992411c3418150fd2
- SSDEEP
  
  1536:vLwE6EOWzT77lvnRGbPBjqaR5gjp/8m2Tg4srcejaVCCuhUk1sTLzMo:cE61K3lPRI1qaR5Cp/8RbsrcejaWSKsb
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation