0abc9f23e1586215de25cb4f5d019a6d53db44432a1df21d9873917bd1c57eaf | Triage

Sharing

General

Target

181c36d36b73e040d1fd15773576fb5e_JaffaCakes118
Size

88KB
Sample

240628-aq6nestbnq
MD5

181c36d36b73e040d1fd15773576fb5e
SHA1

a36aa02ab8278d9b36cf45b6343e135c294d6840
SHA256

0abc9f23e1586215de25cb4f5d019a6d53db44432a1df21d9873917bd1c57eaf
SHA512

afbcaed6b394bc1abaed0e9c497289c275a6fd0aad7c1b8099905bf7b2dec1ebb07fad50b8c93fe54ea3338c637a135fab40fdd3767bd66956f8999a83f3c347
SSDEEP

1536:B3GnSXPt8pfgmai6B4fQfoMQUrfA241K7o:B3emPt8pImH6qMlA2487o

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  181c36d36b73e040d1fd15773576fb5e_JaffaCakes118
- Size
  
  88KB
- MD5
  
  181c36d36b73e040d1fd15773576fb5e
- SHA1
  
  a36aa02ab8278d9b36cf45b6343e135c294d6840
- SHA256
  
  0abc9f23e1586215de25cb4f5d019a6d53db44432a1df21d9873917bd1c57eaf
- SHA512
  
  afbcaed6b394bc1abaed0e9c497289c275a6fd0aad7c1b8099905bf7b2dec1ebb07fad50b8c93fe54ea3338c637a135fab40fdd3767bd66956f8999a83f3c347
- SSDEEP
  
  1536:B3GnSXPt8pfgmai6B4fQfoMQUrfA241K7o:B3emPt8pImH6qMlA2487o
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation