5e3bd5c5aab3bf920b57de38b4b4712ed6455281775bdac139ec4f0fb2083b13 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

443a164c7476d002c112b857de688de5_JaffaCakes118
Size

92KB
Sample

240714-elkmlsybre
MD5

443a164c7476d002c112b857de688de5
SHA1

f6a64b76968e0785187a61b4db04f5589407b344
SHA256

5e3bd5c5aab3bf920b57de38b4b4712ed6455281775bdac139ec4f0fb2083b13
SHA512

96c5246099e2d9d67c07d8a05ba5ca4ccda3fb4779f92dcd582560228346305ec772179eb3cf60295920609b69848ddad155735dd628813fec3f71bdcb711b56
SSDEEP

1536:CcZKrA+iuQM61CFSk52XArSqWdX4TRJiDfJf8fkQMUoxMWNLzMo:CjrA+i7N1kydoTbiD1oLMxxlzMo

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  443a164c7476d002c112b857de688de5_JaffaCakes118
- Size
  
  92KB
- MD5
  
  443a164c7476d002c112b857de688de5
- SHA1
  
  f6a64b76968e0785187a61b4db04f5589407b344
- SHA256
  
  5e3bd5c5aab3bf920b57de38b4b4712ed6455281775bdac139ec4f0fb2083b13
- SHA512
  
  96c5246099e2d9d67c07d8a05ba5ca4ccda3fb4779f92dcd582560228346305ec772179eb3cf60295920609b69848ddad155735dd628813fec3f71bdcb711b56
- SSDEEP
  
  1536:CcZKrA+iuQM61CFSk52XArSqWdX4TRJiDfJf8fkQMUoxMWNLzMo:CjrA+i7N1kydoTbiD1oLMxxlzMo
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation