e61de7262114f2f284d6c0400ef7f0a1bb612d1c8d5759c2256811f4e20a48d4 | Triage

Sharing

General

Target

3e136c7ba3a6e45ff64aab0c41533412_JaffaCakes118
Size

104KB
Sample

240712-t1dvyatdmb
MD5

3e136c7ba3a6e45ff64aab0c41533412
SHA1

9e3aa704fadcc90d9bf25554c022d84ef654daeb
SHA256

e61de7262114f2f284d6c0400ef7f0a1bb612d1c8d5759c2256811f4e20a48d4
SHA512

c0a97eaae9bc7e6f0c854a2334390a9daf4fee85facf1528b3a3900ee79ceb37362108ca6438f4a7fa0c3717408639dfc6f878fc8b29199cf9a4b1a16d9af7cc
SSDEEP

1536:h8RWzTEmdAnzJZwEqir44lyF7jBdCO7ceu+nBgyoDPj6mQ:hslmdAlyE+4lKMOgebBgyoD0

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  3e136c7ba3a6e45ff64aab0c41533412_JaffaCakes118
- Size
  
  104KB
- MD5
  
  3e136c7ba3a6e45ff64aab0c41533412
- SHA1
  
  9e3aa704fadcc90d9bf25554c022d84ef654daeb
- SHA256
  
  e61de7262114f2f284d6c0400ef7f0a1bb612d1c8d5759c2256811f4e20a48d4
- SHA512
  
  c0a97eaae9bc7e6f0c854a2334390a9daf4fee85facf1528b3a3900ee79ceb37362108ca6438f4a7fa0c3717408639dfc6f878fc8b29199cf9a4b1a16d9af7cc
- SSDEEP
  
  1536:h8RWzTEmdAnzJZwEqir44lyF7jBdCO7ceu+nBgyoDPj6mQ:hslmdAlyE+4lKMOgebBgyoD0
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation