c40fc96893500411c0be9a5230d4a4d2ee33b0b466e09b3677e40b07258dab25 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1b016e0a60d586c40b353683235a0403_JaffaCakes118
Size

100KB
Sample

240701-mw1qksxcle
MD5

1b016e0a60d586c40b353683235a0403
SHA1

b80a276d01a5397796ec7a55a8db3a78943e859b
SHA256

c40fc96893500411c0be9a5230d4a4d2ee33b0b466e09b3677e40b07258dab25
SHA512

29acfbb59b22bc385ddbc65040684119f0df34c209bfb718d215abb369a6d09e8265eb4110704f59eec736fa6037513d5add6750c51963816d1c6f9744899828
SSDEEP

3072:iAslxp/LdszuXKfCtR13t5Jx0YPLgo47Y:Lsl7jdGg3t5JNI7Y

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  1b016e0a60d586c40b353683235a0403_JaffaCakes118
- Size
  
  100KB
- MD5
  
  1b016e0a60d586c40b353683235a0403
- SHA1
  
  b80a276d01a5397796ec7a55a8db3a78943e859b
- SHA256
  
  c40fc96893500411c0be9a5230d4a4d2ee33b0b466e09b3677e40b07258dab25
- SHA512
  
  29acfbb59b22bc385ddbc65040684119f0df34c209bfb718d215abb369a6d09e8265eb4110704f59eec736fa6037513d5add6750c51963816d1c6f9744899828
- SSDEEP
  
  3072:iAslxp/LdszuXKfCtR13t5Jx0YPLgo47Y:Lsl7jdGg3t5JNI7Y
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation