fffd6bba6421ed39ac6201b53367fc35436859e4c5d7f3ac102ebc52019f10e0 | Triage

Sharing

General

Target

3ed9cc2394ace06361d77a5baa9509e9_JaffaCakes118
Size

96KB
Sample

240712-zq4w9szdjl
MD5

3ed9cc2394ace06361d77a5baa9509e9
SHA1

bb942c8816b94629e8254e0f0c58dd2e215c61cc
SHA256

fffd6bba6421ed39ac6201b53367fc35436859e4c5d7f3ac102ebc52019f10e0
SHA512

5589477e5415205cf2ee897468f843b8427b0cfad9cf6971ed1a232856e9b69a86a9be0d6450e215f5cdf68c336afd61cdad1aa3442d8e3c1b21c5c6400d3241
SSDEEP

1536:2UC5sPFhRntVTKJyyKsNJ/CEaY9ex2bcjMNajoJBgmQB:2X5sT5tVLyKsNcE1e2bWMMjongmQ

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  3ed9cc2394ace06361d77a5baa9509e9_JaffaCakes118
- Size
  
  96KB
- MD5
  
  3ed9cc2394ace06361d77a5baa9509e9
- SHA1
  
  bb942c8816b94629e8254e0f0c58dd2e215c61cc
- SHA256
  
  fffd6bba6421ed39ac6201b53367fc35436859e4c5d7f3ac102ebc52019f10e0
- SHA512
  
  5589477e5415205cf2ee897468f843b8427b0cfad9cf6971ed1a232856e9b69a86a9be0d6450e215f5cdf68c336afd61cdad1aa3442d8e3c1b21c5c6400d3241
- SSDEEP
  
  1536:2UC5sPFhRntVTKJyyKsNJ/CEaY9ex2bcjMNajoJBgmQB:2X5sT5tVLyKsNcE1e2bWMMjongmQ
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation