202e78ccca38742961bbb0ee898b1c86e6c97bbd8a68f3e999e13dca2d4ca94b | Triage

Sharing

General

Target

1c0fc7d562272b9868f9bfa66951b041_JaffaCakes118
Size

92KB
Sample

240701-w6r1vssgke
MD5

1c0fc7d562272b9868f9bfa66951b041
SHA1

ef825f49a60e2938582f7250e14c1ae25ba9611d
SHA256

202e78ccca38742961bbb0ee898b1c86e6c97bbd8a68f3e999e13dca2d4ca94b
SHA512

5b99e7806b4b37c6363f927caca3cb8f6d76bffa163181eed6d8b1d9a50cdd286a6637e96633a43a117d2b29dc8d52e40b6e6c5cacc2b95dbd3e1b7aade43c85
SSDEEP

1536:TSg+lVENijJhf8hcjPtOi1ozTdcwZfxchkXcM31VqOj8FIGoCJlIU:TSgmVEMjXEhQs1HchkXX7qOzGoCJlIU

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  1c0fc7d562272b9868f9bfa66951b041_JaffaCakes118
- Size
  
  92KB
- MD5
  
  1c0fc7d562272b9868f9bfa66951b041
- SHA1
  
  ef825f49a60e2938582f7250e14c1ae25ba9611d
- SHA256
  
  202e78ccca38742961bbb0ee898b1c86e6c97bbd8a68f3e999e13dca2d4ca94b
- SHA512
  
  5b99e7806b4b37c6363f927caca3cb8f6d76bffa163181eed6d8b1d9a50cdd286a6637e96633a43a117d2b29dc8d52e40b6e6c5cacc2b95dbd3e1b7aade43c85
- SSDEEP
  
  1536:TSg+lVENijJhf8hcjPtOi1ozTdcwZfxchkXcM31VqOj8FIGoCJlIU:TSgmVEMjXEhQs1HchkXX7qOzGoCJlIU
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation