caeaaf5ebaf5678a0a8607fce3cbeffe2ff0a6c6615fe2fd19027c815f567f84 | Triage

Sharing

General

Target

4582f27c909e8fb09854689b67a39a74_JaffaCakes118
Size

14KB
Sample

240714-m1wx7azepa
MD5

4582f27c909e8fb09854689b67a39a74
SHA1

e3ac14c21dc3357aff15176a33e0dac8c33e2574
SHA256

caeaaf5ebaf5678a0a8607fce3cbeffe2ff0a6c6615fe2fd19027c815f567f84
SHA512

d9d15901ae6d0f58822fb88f26b5830c0c6e9a5fe048870a351d81ed84bfbecae80b1aed19029322ff020aa1a3880e0fe3681a8250d339664ad433bca31ce9cc
SSDEEP

384:8/0ZwkBGa/OnPgjEjuTKDB0cUTGthmMUNhP:RBGa/OO46m0cfCMcP

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  4582f27c909e8fb09854689b67a39a74_JaffaCakes118
- Size
  
  14KB
- MD5
  
  4582f27c909e8fb09854689b67a39a74
- SHA1
  
  e3ac14c21dc3357aff15176a33e0dac8c33e2574
- SHA256
  
  caeaaf5ebaf5678a0a8607fce3cbeffe2ff0a6c6615fe2fd19027c815f567f84
- SHA512
  
  d9d15901ae6d0f58822fb88f26b5830c0c6e9a5fe048870a351d81ed84bfbecae80b1aed19029322ff020aa1a3880e0fe3681a8250d339664ad433bca31ce9cc
- SSDEEP
  
  384:8/0ZwkBGa/OnPgjEjuTKDB0cUTGthmMUNhP:RBGa/OO46m0cfCMcP
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation