36417dcedf99fe5529fac20726ab42e3b279c0729d54ffb69a0700aec3d09276 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

240f1fe11d5a7271e080969187bbf9b2_JaffaCakes118
Size

100KB
Sample

240704-a31b6svdpk
MD5

240f1fe11d5a7271e080969187bbf9b2
SHA1

17519d89b2f8b8de5c223009c3d3fba2799c909e
SHA256

36417dcedf99fe5529fac20726ab42e3b279c0729d54ffb69a0700aec3d09276
SHA512

ba737ddb9c57bbc8ea50dbe09b880170b7a90cef89b6594b13a9a7e09d9cd5f8da993914fd8f5e2af03f8ab31d33441a2375482a6c8be6c5686d233ee0d332d0
SSDEEP

1536:m2BqD3Q/vvUnnjvoAd71R2QODtYa8r97JE29Mg0Yl5Lgo4zHYRIA:m2BqbQsjAC25Dt8r97a29x0YPLgo47Y

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  240f1fe11d5a7271e080969187bbf9b2_JaffaCakes118
- Size
  
  100KB
- MD5
  
  240f1fe11d5a7271e080969187bbf9b2
- SHA1
  
  17519d89b2f8b8de5c223009c3d3fba2799c909e
- SHA256
  
  36417dcedf99fe5529fac20726ab42e3b279c0729d54ffb69a0700aec3d09276
- SHA512
  
  ba737ddb9c57bbc8ea50dbe09b880170b7a90cef89b6594b13a9a7e09d9cd5f8da993914fd8f5e2af03f8ab31d33441a2375482a6c8be6c5686d233ee0d332d0
- SSDEEP
  
  1536:m2BqD3Q/vvUnnjvoAd71R2QODtYa8r97JE29Mg0Yl5Lgo4zHYRIA:m2BqbQsjAC25Dt8r97a29x0YPLgo47Y
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation