3495592f0a00d2dc1171e877ee83588dd1ae9a803a9c76b38e42d11162e2fcce | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2d4c2031cacfd927d225a1b9f2af5a6d_JaffaCakes118
Size

92KB
Sample

240708-wkhkas1drj
MD5

2d4c2031cacfd927d225a1b9f2af5a6d
SHA1

d2ab871e3c160012fc63405cb001cd7ac81d6d34
SHA256

3495592f0a00d2dc1171e877ee83588dd1ae9a803a9c76b38e42d11162e2fcce
SHA512

e2a37ec52c3ac47ddd2d1e6fd4de7b4302e3e1d37c2538e9596ff476867662e0df7a0cf9bac525b6646813f68c66241f367ab3c4414e0333d7e9daf214f954b0
SSDEEP

1536:1N8mpFTFlFCyLASHa9/gQG3eZb3Ajdh+W+bVBZrYV0o5e:rBt3CyBMamb3ah0VB60o5

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  2d4c2031cacfd927d225a1b9f2af5a6d_JaffaCakes118
- Size
  
  92KB
- MD5
  
  2d4c2031cacfd927d225a1b9f2af5a6d
- SHA1
  
  d2ab871e3c160012fc63405cb001cd7ac81d6d34
- SHA256
  
  3495592f0a00d2dc1171e877ee83588dd1ae9a803a9c76b38e42d11162e2fcce
- SHA512
  
  e2a37ec52c3ac47ddd2d1e6fd4de7b4302e3e1d37c2538e9596ff476867662e0df7a0cf9bac525b6646813f68c66241f367ab3c4414e0333d7e9daf214f954b0
- SSDEEP
  
  1536:1N8mpFTFlFCyLASHa9/gQG3eZb3Ajdh+W+bVBZrYV0o5e:rBt3CyBMamb3ah0VB60o5
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation