f11aa21561568eb9e33279bc17cacd0c8cf23dc811eb7c3c43b05457bdf68a76 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

27db313b96ee3d41ab2c0c6f0d2efe08_JaffaCakes118
Size

1.1MB
Sample

240706-j36cvssamn
MD5

27db313b96ee3d41ab2c0c6f0d2efe08
SHA1

0153565c055583af780378ecb5da6fad8e740932
SHA256

f11aa21561568eb9e33279bc17cacd0c8cf23dc811eb7c3c43b05457bdf68a76
SHA512

dbec0981d7e3e628d2ccd4e3b6f3965a4f07a570f1cb4cfc9a60d260ec9aace1c0a935b0441eef199ebb5cbad661b458f3d4f094683c93b65679b44c01a2ef5c
SSDEEP

24576:XKAW8MkKAj9Cns4XKBAH/TPWzIZNXUn4FxTfCBFZ:DtvjNWfT9ZqmJCBD

Score

6^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  WinGet.msi
- Size
  
  1.2MB
- MD5
  
  36e7c84a353104d698ff8c10ce4277b5
- SHA1
  
  e3f86ec21fe95ddfb0074abb0310aa437459b4d6
- SHA256
  
  a0c23e86d049e73f04df029e732898497b8d09ba98871b12adfe32655f6ce815
- SHA512
  
  a74c1fa3d241a8af3675e12607eaef451b3eae5685452b6b2802de08c108be8c9bdf5f6e04b373a3ce240c794724e98686bb9861fb3af26b1dc6363ae27d9202
- SSDEEP
  
  24576:iD9mI1HIOU1v8dOhYiUy/7PrEZH843atRv1XPcBHXw5GoS:iD9mGKveOhfUcEZbqH1fEwnS
Score

6^/10

persistence privilege_escalation
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Installer Packages

Privilege Escalation

Event Triggered Execution

Installer Packages

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation