cd298bc91fbfa1f4f61be3c9d92fe0d79986a70375ba0e42a90fdaf8b2c0cdd2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

189e4777575f56983268ec657b80327a_JaffaCakes118
Size

88KB
Sample

240628-d1pz7syfkb
MD5

189e4777575f56983268ec657b80327a
SHA1

0a40b2557c3b320b3494abc6b5d3f4d21f8e2088
SHA256

cd298bc91fbfa1f4f61be3c9d92fe0d79986a70375ba0e42a90fdaf8b2c0cdd2
SHA512

d1056028c4e48045bd3f42a534e69927238d72b8403ea6ec695daad6d639e1b2117b4b495e799e8bbed6d1c4404c2a21aae1be45c99674e01d92852085540bd5
SSDEEP

1536:ivp6GxTOt+ySiCX1s5sIy0i5Gh5g9gDgcb8xSohvsSucjinJHGYHokJlIU:ivYMiAyt0Iy0i7gDgHxSgoBVHokJlIU

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  189e4777575f56983268ec657b80327a_JaffaCakes118
- Size
  
  88KB
- MD5
  
  189e4777575f56983268ec657b80327a
- SHA1
  
  0a40b2557c3b320b3494abc6b5d3f4d21f8e2088
- SHA256
  
  cd298bc91fbfa1f4f61be3c9d92fe0d79986a70375ba0e42a90fdaf8b2c0cdd2
- SHA512
  
  d1056028c4e48045bd3f42a534e69927238d72b8403ea6ec695daad6d639e1b2117b4b495e799e8bbed6d1c4404c2a21aae1be45c99674e01d92852085540bd5
- SSDEEP
  
  1536:ivp6GxTOt+ySiCX1s5sIy0i5Gh5g9gDgcb8xSohvsSucjinJHGYHokJlIU:ivYMiAyt0Iy0i7gDgHxSgoBVHokJlIU
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation