727357614f630727a6c209a602328ef6e9d2ba8bd2fa6333a818e6ee30cfee2f | Triage

Sharing

General

Target

319aa746910f153387972500cb52cfe9_JaffaCakes118
Size

92KB
Sample

240709-xrzb3azepm
MD5

319aa746910f153387972500cb52cfe9
SHA1

8465e7a995493cd838d958220ba5bd2b112fb706
SHA256

727357614f630727a6c209a602328ef6e9d2ba8bd2fa6333a818e6ee30cfee2f
SHA512

2ff61ae245eec35b4f1fff9c58d03bc008f569b07b5b2af049c6283715ef657f362ca9cc315f6c391a473eae450d2cde4f20412a5c8bf267ec7466d383d07c24
SSDEEP

1536:nSOVAqj3mRkguNsw9MbkM2k2Gti99BV0hAo9wvNDbt953Pk3IhOeBtMou4JlI8l0:6qj30kBKbkM2k2Gk9c9kPv3P39Mou4J6

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  319aa746910f153387972500cb52cfe9_JaffaCakes118
- Size
  
  92KB
- MD5
  
  319aa746910f153387972500cb52cfe9
- SHA1
  
  8465e7a995493cd838d958220ba5bd2b112fb706
- SHA256
  
  727357614f630727a6c209a602328ef6e9d2ba8bd2fa6333a818e6ee30cfee2f
- SHA512
  
  2ff61ae245eec35b4f1fff9c58d03bc008f569b07b5b2af049c6283715ef657f362ca9cc315f6c391a473eae450d2cde4f20412a5c8bf267ec7466d383d07c24
- SSDEEP
  
  1536:nSOVAqj3mRkguNsw9MbkM2k2Gti99BV0hAo9wvNDbt953Pk3IhOeBtMou4JlI8l0:6qj30kBKbkM2k2Gk9c9kPv3P39Mou4J6
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

persistenceprivilege_escalation