f1ec2650e573320c7504ec93a995b46f7b7033deb644ee068dc4b3c8cf4b5c79 | Triage

Sharing

General

Target

0f65e3f750e644fad32358b42bbe9d52_JaffaCakes118
Size

92KB
Sample

240625-y5d4qatcpk
MD5

0f65e3f750e644fad32358b42bbe9d52
SHA1

3c0fe7b38e3f7a2b4ca24865a5d5b994f534bae4
SHA256

f1ec2650e573320c7504ec93a995b46f7b7033deb644ee068dc4b3c8cf4b5c79
SHA512

80e2d972c256cca7a77731392daacaae3afe2608d3e46090aea8d49c591acd3728f12491272b4d1c974ac4551d9108f6dbe362a1e99868c9cc5fa0eabce74500
SSDEEP

1536:ZdSAzPuz8EQIVYTtNu7sNUnkaXPrP9LUF5xV+P/91+KwsqP/P/P9AEhEacLfHwzh:LuzKhtNZNUkejlL8Cn3ysqnnzyacszGo

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  0f65e3f750e644fad32358b42bbe9d52_JaffaCakes118
- Size
  
  92KB
- MD5
  
  0f65e3f750e644fad32358b42bbe9d52
- SHA1
  
  3c0fe7b38e3f7a2b4ca24865a5d5b994f534bae4
- SHA256
  
  f1ec2650e573320c7504ec93a995b46f7b7033deb644ee068dc4b3c8cf4b5c79
- SHA512
  
  80e2d972c256cca7a77731392daacaae3afe2608d3e46090aea8d49c591acd3728f12491272b4d1c974ac4551d9108f6dbe362a1e99868c9cc5fa0eabce74500
- SSDEEP
  
  1536:ZdSAzPuz8EQIVYTtNu7sNUnkaXPrP9LUF5xV+P/91+KwsqP/P/P9AEhEacLfHwzh:LuzKhtNZNUkejlL8Cn3ysqnnzyacszGo
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation