4fe18048522909e2b5bda88c02501063759841c59a33e0369b8c502403bc24bf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

22dba53acce69c240977417e2b5632da_JaffaCakes118
Size

118KB
Sample

240703-sx9b1awekc
MD5

22dba53acce69c240977417e2b5632da
SHA1

8464c8be84d3233b99c837895daa9837c71ff83a
SHA256

4fe18048522909e2b5bda88c02501063759841c59a33e0369b8c502403bc24bf
SHA512

bab055d9f1b055da2dae2e27e8eea99a6b6eb5c15090c012b477ed60ce6870ebb03a1ce1b62025fc72b989dde341ea34c1a07401e0460c2a296e057f76842fe3
SSDEEP

3072:PmNDLwUC0Wb5/+eYQPZfd9ydSoKXzRD5ShupNz96QwQz+YPOpwsiD:Oxm0a5/ZY6fpNBUhupN96az+YywV

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  22dba53acce69c240977417e2b5632da_JaffaCakes118
- Size
  
  118KB
- MD5
  
  22dba53acce69c240977417e2b5632da
- SHA1
  
  8464c8be84d3233b99c837895daa9837c71ff83a
- SHA256
  
  4fe18048522909e2b5bda88c02501063759841c59a33e0369b8c502403bc24bf
- SHA512
  
  bab055d9f1b055da2dae2e27e8eea99a6b6eb5c15090c012b477ed60ce6870ebb03a1ce1b62025fc72b989dde341ea34c1a07401e0460c2a296e057f76842fe3
- SSDEEP
  
  3072:PmNDLwUC0Wb5/+eYQPZfd9ydSoKXzRD5ShupNz96QwQz+YPOpwsiD:Oxm0a5/ZY6fpNBUhupN96az+YywV
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

persistenceprivilege_escalation