d3216354affa702c6e608dd49e639665ef1113043a1e1fea4b8801c6f9116992 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4b9f7dde80d64e514c7daae7679d4b9f_JaffaCakes118
Size

88KB
Sample

240715-14kwzssamk
MD5

4b9f7dde80d64e514c7daae7679d4b9f
SHA1

33ac47919f696946bd3ce722a3c945a35f617f8e
SHA256

d3216354affa702c6e608dd49e639665ef1113043a1e1fea4b8801c6f9116992
SHA512

5e9a87311d48e56acd1aac8affc3e54e2733963cd5be74787f9ee00acf77b27434ed776555992a648eff0d4b995a75e2710f4677a59ebd809f3c561f32719c42
SSDEEP

1536:Od+gL3FGIDfdXn/kVI49uxsMDDEfa1pZ46lI+H0cHEEEC7xZopSluTHT9KoTJlIU:Od+G3FfdXsVIYMMaN9IdcHBEC7oEkrhN

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  4b9f7dde80d64e514c7daae7679d4b9f_JaffaCakes118
- Size
  
  88KB
- MD5
  
  4b9f7dde80d64e514c7daae7679d4b9f
- SHA1
  
  33ac47919f696946bd3ce722a3c945a35f617f8e
- SHA256
  
  d3216354affa702c6e608dd49e639665ef1113043a1e1fea4b8801c6f9116992
- SHA512
  
  5e9a87311d48e56acd1aac8affc3e54e2733963cd5be74787f9ee00acf77b27434ed776555992a648eff0d4b995a75e2710f4677a59ebd809f3c561f32719c42
- SSDEEP
  
  1536:Od+gL3FGIDfdXn/kVI49uxsMDDEfa1pZ46lI+H0cHEEEC7xZopSluTHT9KoTJlIU:Od+G3FfdXsVIYMMaN9IdcHBEC7oEkrhN
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation