b579a4b181fa2c43f4c123130a8a50e0f09e9f6fae42d032455743198eb283e7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3934a09b2d4d7f26d7e01709360d61ad_JaffaCakes118
Size

100KB
Sample

240711-p662fsxbqq
MD5

3934a09b2d4d7f26d7e01709360d61ad
SHA1

05314c46c9cd7b19c0f6693cc90c426645f0a1a7
SHA256

b579a4b181fa2c43f4c123130a8a50e0f09e9f6fae42d032455743198eb283e7
SHA512

497b6603583b9631eb3697ca2cef9c2282aa1adb9860ade235b58cbb0182896a22a76063d4e7921944ceb430e9a3e30aa2e15c8e7eaa6d615fe47e6969e86853
SSDEEP

3072:1u6yjZSgGaQGr7sMR/D5SmCSrt17rLHof:1u6yjQrC7Tb5SYtP

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  3934a09b2d4d7f26d7e01709360d61ad_JaffaCakes118
- Size
  
  100KB
- MD5
  
  3934a09b2d4d7f26d7e01709360d61ad
- SHA1
  
  05314c46c9cd7b19c0f6693cc90c426645f0a1a7
- SHA256
  
  b579a4b181fa2c43f4c123130a8a50e0f09e9f6fae42d032455743198eb283e7
- SHA512
  
  497b6603583b9631eb3697ca2cef9c2282aa1adb9860ade235b58cbb0182896a22a76063d4e7921944ceb430e9a3e30aa2e15c8e7eaa6d615fe47e6969e86853
- SSDEEP
  
  3072:1u6yjZSgGaQGr7sMR/D5SmCSrt17rLHof:1u6yjQrC7Tb5SYtP
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation