262a79099b02eea3041b364ba7b3257dc3779a0e3beed34b2917917b28da2759 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

25adad6a2912975a2ff7e260256418c5_JaffaCakes118
Size

92KB
Sample

240704-weddds1cpl
MD5

25adad6a2912975a2ff7e260256418c5
SHA1

73d5d28bac4fd73fc2e4a0db68db5ac3ec9c50f2
SHA256

262a79099b02eea3041b364ba7b3257dc3779a0e3beed34b2917917b28da2759
SHA512

d4fb63bae3821bb7331d92178ccfbaf98af5618d3c5f8f6acba80a0ecfa8205428fc92310b9f49795eced0006356a0a5c21cf06e6cfbfddc802c9502312f1d35
SSDEEP

1536:HOdBoKgv9/0Lcq5pLzpspHE2HLKvOonXnoxMWNLzMo:pY3StHLBon4xxlzMo

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  25adad6a2912975a2ff7e260256418c5_JaffaCakes118
- Size
  
  92KB
- MD5
  
  25adad6a2912975a2ff7e260256418c5
- SHA1
  
  73d5d28bac4fd73fc2e4a0db68db5ac3ec9c50f2
- SHA256
  
  262a79099b02eea3041b364ba7b3257dc3779a0e3beed34b2917917b28da2759
- SHA512
  
  d4fb63bae3821bb7331d92178ccfbaf98af5618d3c5f8f6acba80a0ecfa8205428fc92310b9f49795eced0006356a0a5c21cf06e6cfbfddc802c9502312f1d35
- SSDEEP
  
  1536:HOdBoKgv9/0Lcq5pLzpspHE2HLKvOonXnoxMWNLzMo:pY3StHLBon4xxlzMo
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation