f3ca9b482be31d436e413eca1d4471149b8ebfb135241b42bf2d372ce67dc4c1 | Triage

Sharing

General

Target

3e789450305251ab89f5196b1f684454_JaffaCakes118
Size

89KB
Sample

240712-xgxqgswbll
MD5

3e789450305251ab89f5196b1f684454
SHA1

3d10726ca5500848b767ad423304cd45f9032113
SHA256

f3ca9b482be31d436e413eca1d4471149b8ebfb135241b42bf2d372ce67dc4c1
SHA512

edd6056d79ec614677d1c32f7a078baf6a51cf9e74fd142b2c6aef702642479e8f2f417645b428b4df2c4edb3915e17ae43d43a8db2e31a078047b1a13abd982
SSDEEP

1536:pFX1/h9mwrjMdRaDz1yu8cD4w/pzX0Ub6jnmHFBThoMJlIx0:L/YgTDRMcXiUbYnmHzThoMJlIx

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  3e789450305251ab89f5196b1f684454_JaffaCakes118
- Size
  
  89KB
- MD5
  
  3e789450305251ab89f5196b1f684454
- SHA1
  
  3d10726ca5500848b767ad423304cd45f9032113
- SHA256
  
  f3ca9b482be31d436e413eca1d4471149b8ebfb135241b42bf2d372ce67dc4c1
- SHA512
  
  edd6056d79ec614677d1c32f7a078baf6a51cf9e74fd142b2c6aef702642479e8f2f417645b428b4df2c4edb3915e17ae43d43a8db2e31a078047b1a13abd982
- SSDEEP
  
  1536:pFX1/h9mwrjMdRaDz1yu8cD4w/pzX0Ub6jnmHFBThoMJlIx0:L/YgTDRMcXiUbYnmHzThoMJlIx
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation