fb145fe4b5dbbd9e8c2e3f1da10a0718f492cd600f3c43711e0bf5ec8f26bbe1 | Triage

Sharing

General

Target

255199e95d485d1d595a4bbef921f852_JaffaCakes118
Size

78KB
Sample

240704-knl64ssglq
MD5

255199e95d485d1d595a4bbef921f852
SHA1

41faff3a966e7f6d9b1034253fd18d5b8b4cf996
SHA256

fb145fe4b5dbbd9e8c2e3f1da10a0718f492cd600f3c43711e0bf5ec8f26bbe1
SHA512

9aa1ce987d421f45a64bd15a7738120d7014f2e112698583c5c7b14abcd38d502c90985c50ae5729b50c444bb57255fb01fda5cc4221659526aca3bf5a6cc6d5
SSDEEP

1536:0wbzHyEWagNf5OVuopsSEOmozUlPOhwGAo6JlIK:5zSEWaMksZosPEwGAo6JlIK

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  255199e95d485d1d595a4bbef921f852_JaffaCakes118
- Size
  
  78KB
- MD5
  
  255199e95d485d1d595a4bbef921f852
- SHA1
  
  41faff3a966e7f6d9b1034253fd18d5b8b4cf996
- SHA256
  
  fb145fe4b5dbbd9e8c2e3f1da10a0718f492cd600f3c43711e0bf5ec8f26bbe1
- SHA512
  
  9aa1ce987d421f45a64bd15a7738120d7014f2e112698583c5c7b14abcd38d502c90985c50ae5729b50c444bb57255fb01fda5cc4221659526aca3bf5a6cc6d5
- SSDEEP
  
  1536:0wbzHyEWagNf5OVuopsSEOmozUlPOhwGAo6JlIK:5zSEWaMksZosPEwGAo6JlIK
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation