348ca9ca4493d34e1237f968757462e5d2e7d253a6a6aa2b5585f1e58a0cf505 | Triage

Sharing

General

Target

3b1a4211964a08888f110073535479a3_JaffaCakes118
Size

92KB
Sample

240711-285mma1dkh
MD5

3b1a4211964a08888f110073535479a3
SHA1

c0def2bfdef257d3570a1b4a4f9bb0681fbc9121
SHA256

348ca9ca4493d34e1237f968757462e5d2e7d253a6a6aa2b5585f1e58a0cf505
SHA512

ceafbbec46bc843d458af1bcb6e10352573fd3d6ad2f0569c6f55836ab2abb17334c05fead5630bc6c4cee1703b434ea59cd0d822c5f297a98732204f42ece41
SSDEEP

1536:42O1FfGDAjZ77JbyNQDxUx9lAab0+Q1N+qiiLkW+bVBZrYV0okhe:4R10AjhNb6QDeHya1dcqVB60okh

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  3b1a4211964a08888f110073535479a3_JaffaCakes118
- Size
  
  92KB
- MD5
  
  3b1a4211964a08888f110073535479a3
- SHA1
  
  c0def2bfdef257d3570a1b4a4f9bb0681fbc9121
- SHA256
  
  348ca9ca4493d34e1237f968757462e5d2e7d253a6a6aa2b5585f1e58a0cf505
- SHA512
  
  ceafbbec46bc843d458af1bcb6e10352573fd3d6ad2f0569c6f55836ab2abb17334c05fead5630bc6c4cee1703b434ea59cd0d822c5f297a98732204f42ece41
- SSDEEP
  
  1536:42O1FfGDAjZ77JbyNQDxUx9lAab0+Q1N+qiiLkW+bVBZrYV0okhe:4R10AjhNb6QDeHya1dcqVB60okh
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation