b7d394d8815dfcb3b8d8861e8ba30372b525652ae93da87a0aed4e7246e32559 | Triage

Sharing

General

Target

2bb12a410a6fc7c297e7170a71eb8ec3_JaffaCakes118
Size

532KB
Sample

240708-kmwdds1emj
MD5

2bb12a410a6fc7c297e7170a71eb8ec3
SHA1

e1d4d79c2c3c40f1354ed3b25b0f21499b68c9f9
SHA256

b7d394d8815dfcb3b8d8861e8ba30372b525652ae93da87a0aed4e7246e32559
SHA512

a173ce696b24ee5a2df5fc9f5780587ccfb7d27c525009cf8ca420cfc7d35f2b0b9cb6dca2ff48ad2a14b1ec96c24cb39ae05070b5e433230f1c194006998dc6
SSDEEP

12288:urNEHboZaHt0mB3DFpxveH8zYIVMgqwgms0V7MmrJO:urNEHbeWvxvlvrHVomd

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  2bb12a410a6fc7c297e7170a71eb8ec3_JaffaCakes118
- Size
  
  532KB
- MD5
  
  2bb12a410a6fc7c297e7170a71eb8ec3
- SHA1
  
  e1d4d79c2c3c40f1354ed3b25b0f21499b68c9f9
- SHA256
  
  b7d394d8815dfcb3b8d8861e8ba30372b525652ae93da87a0aed4e7246e32559
- SHA512
  
  a173ce696b24ee5a2df5fc9f5780587ccfb7d27c525009cf8ca420cfc7d35f2b0b9cb6dca2ff48ad2a14b1ec96c24cb39ae05070b5e433230f1c194006998dc6
- SSDEEP
  
  12288:urNEHboZaHt0mB3DFpxveH8zYIVMgqwgms0V7MmrJO:urNEHbeWvxvlvrHVomd
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2