3421c9aa03b17b225d73cc2d3ba81e0f3aecd21244c9abe32ba7b0e2180e9f26 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

155c650f9308d36342a4bb80acb9d739_JaffaCakes118
Size

10KB
Sample

240627-klqrhssejc
MD5

155c650f9308d36342a4bb80acb9d739
SHA1

9e161900f1190adba02d0258937c028396eb275d
SHA256

3421c9aa03b17b225d73cc2d3ba81e0f3aecd21244c9abe32ba7b0e2180e9f26
SHA512

9b5a9b14f4a827586fc97b9fd0c4af95a999384b0245176a6177296f7ef7baa58c5a2ccfd7fed25f96a463de378ec5afb5ed4fe19bd8cfd984672f60b78f397f
SSDEEP

192:XYKMeFOI8oF59Pgg85VV40aG4vMze+22zbwwFPGGkgUwuN:XYpyOkFjog85VSl+lbwwFPib

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  155c650f9308d36342a4bb80acb9d739_JaffaCakes118
- Size
  
  10KB
- MD5
  
  155c650f9308d36342a4bb80acb9d739
- SHA1
  
  9e161900f1190adba02d0258937c028396eb275d
- SHA256
  
  3421c9aa03b17b225d73cc2d3ba81e0f3aecd21244c9abe32ba7b0e2180e9f26
- SHA512
  
  9b5a9b14f4a827586fc97b9fd0c4af95a999384b0245176a6177296f7ef7baa58c5a2ccfd7fed25f96a463de378ec5afb5ed4fe19bd8cfd984672f60b78f397f
- SSDEEP
  
  192:XYKMeFOI8oF59Pgg85VV40aG4vMze+22zbwwFPGGkgUwuN:XYpyOkFjog85VSl+lbwwFPib
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation