d87791ef20dd46d1cd587ca3f22926c5f8e718363ee128ae95d7a51f5b62799f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

32d18aac75960aa0e914ae15ec52f962_JaffaCakes118
Size

92KB
Sample

240710-b22paa1akh
MD5

32d18aac75960aa0e914ae15ec52f962
SHA1

a785565e6219e79db4f3857990985b3880d35ef0
SHA256

d87791ef20dd46d1cd587ca3f22926c5f8e718363ee128ae95d7a51f5b62799f
SHA512

7d4c8e633d3ec07639cfdd379a3c4180c78621df4f20e8dd2b9cb2bc347bb8f8ea87aa93128520708f11acd485964fc7dc69d475ffd0a4a35ba30ac359c7e214
SSDEEP

1536:/h74fKZl2XK3VCUBAZykTPpGmCBmGxo+2vYJwoxMWNLzMo:JF8oVC6AgkLQLlxJdxxlzMo

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  32d18aac75960aa0e914ae15ec52f962_JaffaCakes118
- Size
  
  92KB
- MD5
  
  32d18aac75960aa0e914ae15ec52f962
- SHA1
  
  a785565e6219e79db4f3857990985b3880d35ef0
- SHA256
  
  d87791ef20dd46d1cd587ca3f22926c5f8e718363ee128ae95d7a51f5b62799f
- SHA512
  
  7d4c8e633d3ec07639cfdd379a3c4180c78621df4f20e8dd2b9cb2bc347bb8f8ea87aa93128520708f11acd485964fc7dc69d475ffd0a4a35ba30ac359c7e214
- SSDEEP
  
  1536:/h74fKZl2XK3VCUBAZykTPpGmCBmGxo+2vYJwoxMWNLzMo:JF8oVC6AgkLQLlxJdxxlzMo
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation