bf9a11a2367a49129cee20b0f2668956e64108c0c09ffc584af4f64126898317 | Triage

Sharing

General

Target

372ad8586864b02a869293a48554ad1d_JaffaCakes118
Size

92KB
Sample

240711-bn16latamc
MD5

372ad8586864b02a869293a48554ad1d
SHA1

778f4b7b76378249f90086aef858c5f53fa2ff03
SHA256

bf9a11a2367a49129cee20b0f2668956e64108c0c09ffc584af4f64126898317
SHA512

58444bdcef0435497c7a2febb6043e6525a1e6915778148d21dcdee87ba1ec3e34d67a70b0f2ce29c912785c5357ca88e7817b6bd135c52a6eb3a4da859ae9fe
SSDEEP

1536:l+aUcVR1MqquN5Ph2ufM02MHkmuy9x6b97IpUaoxMWNLzMo:ldUcxquN5PYCz2ME9IxixxlzMo

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  372ad8586864b02a869293a48554ad1d_JaffaCakes118
- Size
  
  92KB
- MD5
  
  372ad8586864b02a869293a48554ad1d
- SHA1
  
  778f4b7b76378249f90086aef858c5f53fa2ff03
- SHA256
  
  bf9a11a2367a49129cee20b0f2668956e64108c0c09ffc584af4f64126898317
- SHA512
  
  58444bdcef0435497c7a2febb6043e6525a1e6915778148d21dcdee87ba1ec3e34d67a70b0f2ce29c912785c5357ca88e7817b6bd135c52a6eb3a4da859ae9fe
- SSDEEP
  
  1536:l+aUcVR1MqquN5Ph2ufM02MHkmuy9x6b97IpUaoxMWNLzMo:ldUcxquN5PYCz2ME9IxixxlzMo
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation