6889155fa54a53172386e08bc824953e4252e9ca80f920bd6ea69a36e33d1d5f | Triage

Sharing

General

Target

1c13745e05e577fc0657b66ce926b2ee_JaffaCakes118
Size

92KB
Sample

240701-w9cqcashpd
MD5

1c13745e05e577fc0657b66ce926b2ee
SHA1

a3aef2f7571a387594d74c5139f29576dff0b813
SHA256

6889155fa54a53172386e08bc824953e4252e9ca80f920bd6ea69a36e33d1d5f
SHA512

c041fdc674339dcdf60d05a3a1bb068634c97fa243d5a9f7560b2a41e78bab6ed37fd8bd71405ed7813b300f0740ce9cb92d79ef725382b5f0dfb0aaa143f725
SSDEEP

1536:CUsibUZtiWC5m9LWWcAUL+wucsEDzT+fZxYVbhbmMoxMWNLzMo:CTibUZtZC05WWdirupET+A2xxlzMo

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  1c13745e05e577fc0657b66ce926b2ee_JaffaCakes118
- Size
  
  92KB
- MD5
  
  1c13745e05e577fc0657b66ce926b2ee
- SHA1
  
  a3aef2f7571a387594d74c5139f29576dff0b813
- SHA256
  
  6889155fa54a53172386e08bc824953e4252e9ca80f920bd6ea69a36e33d1d5f
- SHA512
  
  c041fdc674339dcdf60d05a3a1bb068634c97fa243d5a9f7560b2a41e78bab6ed37fd8bd71405ed7813b300f0740ce9cb92d79ef725382b5f0dfb0aaa143f725
- SSDEEP
  
  1536:CUsibUZtiWC5m9LWWcAUL+wucsEDzT+fZxYVbhbmMoxMWNLzMo:CTibUZtZC05WWdirupET+A2xxlzMo
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation