04b9fb49d55641713cbb012b95d92c3e706137272d22e74a9f4077b35ed8bd95 | Triage

Sharing

General

Target

305ba182c438b03c1b9d5ab7049574c4_JaffaCakes118
Size

84KB
Sample

240709-pj2s8atflk
MD5

305ba182c438b03c1b9d5ab7049574c4
SHA1

d0ccfcb52aa8cf50684e77730948705cdc3ebbf3
SHA256

04b9fb49d55641713cbb012b95d92c3e706137272d22e74a9f4077b35ed8bd95
SHA512

e23be5203be5a62496a78e7709527d4314ce28c31cc5e8128b01d5382ae035af3f42209d850a90d57d70599ac63bf5facb0e910752cd46f2c8044e9377ff573c
SSDEEP

1536:RI83J6tOmJMxQZPSTjM7e1CMi11HQLMSr4o12o3mN+QCzxvGeo6:PaUxQM/rcMi16LMSz1GMQCleeo6

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  305ba182c438b03c1b9d5ab7049574c4_JaffaCakes118
- Size
  
  84KB
- MD5
  
  305ba182c438b03c1b9d5ab7049574c4
- SHA1
  
  d0ccfcb52aa8cf50684e77730948705cdc3ebbf3
- SHA256
  
  04b9fb49d55641713cbb012b95d92c3e706137272d22e74a9f4077b35ed8bd95
- SHA512
  
  e23be5203be5a62496a78e7709527d4314ce28c31cc5e8128b01d5382ae035af3f42209d850a90d57d70599ac63bf5facb0e910752cd46f2c8044e9377ff573c
- SSDEEP
  
  1536:RI83J6tOmJMxQZPSTjM7e1CMi11HQLMSr4o12o3mN+QCzxvGeo6:PaUxQM/rcMi16LMSz1GMQCleeo6
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation