7f6b141c05d0e419e03f80a4446078c6ee8854ebea7a550ff6d6e05a4baea547 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ec41af9b662e1f2edec26d4ce9b1d27_JaffaCakes118
Size

92KB
Sample

240709-dg962ashkk
MD5

2ec41af9b662e1f2edec26d4ce9b1d27
SHA1

69570248a88568293e1ddc446beea0c7df1d66be
SHA256

7f6b141c05d0e419e03f80a4446078c6ee8854ebea7a550ff6d6e05a4baea547
SHA512

b6aff499ace6a85d11cb047b40ed2c1fdd8e85906056eebe3fd26e9755129b9e9c5127c9c804939b01fe6be76662f30b8092137515c8dba0821f9d8b10b439cd
SSDEEP

1536:xhvryOJlZGZ03EQfS3AY5pS7UK4SWTuQp0dDfIDAEhEacLfHwzGo:LeOJ800hwY5pRSW7ayyacszGo

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  2ec41af9b662e1f2edec26d4ce9b1d27_JaffaCakes118
- Size
  
  92KB
- MD5
  
  2ec41af9b662e1f2edec26d4ce9b1d27
- SHA1
  
  69570248a88568293e1ddc446beea0c7df1d66be
- SHA256
  
  7f6b141c05d0e419e03f80a4446078c6ee8854ebea7a550ff6d6e05a4baea547
- SHA512
  
  b6aff499ace6a85d11cb047b40ed2c1fdd8e85906056eebe3fd26e9755129b9e9c5127c9c804939b01fe6be76662f30b8092137515c8dba0821f9d8b10b439cd
- SSDEEP
  
  1536:xhvryOJlZGZ03EQfS3AY5pS7UK4SWTuQp0dDfIDAEhEacLfHwzGo:LeOJ800hwY5pRSW7ayyacszGo
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation