d6c0c78f3bde4eec2977c6b2145176c6bf848130aa863669b3589871a4fafd63 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4b80522d5be129d9ae20bfb1c1b61842_JaffaCakes118
Size

124KB
Sample

240715-1fhfyssgpb
MD5

4b80522d5be129d9ae20bfb1c1b61842
SHA1

359b1b74c7ce4110ecf90aad6d78cb028ec75196
SHA256

d6c0c78f3bde4eec2977c6b2145176c6bf848130aa863669b3589871a4fafd63
SHA512

04126de296b4a9c21bc7ce150d84720520babf9d3c1c6274b0fcfd556c113514744f11db132a4056e7103a76d32b3cc66a82ece8ec6509515e86b88b6163d360
SSDEEP

3072:yrrp4BjU2YP1FMJIcYWjnSMdlYock2Ha7o8WAE5zYUoh:mO493JOdlp6tzT

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  4b80522d5be129d9ae20bfb1c1b61842_JaffaCakes118
- Size
  
  124KB
- MD5
  
  4b80522d5be129d9ae20bfb1c1b61842
- SHA1
  
  359b1b74c7ce4110ecf90aad6d78cb028ec75196
- SHA256
  
  d6c0c78f3bde4eec2977c6b2145176c6bf848130aa863669b3589871a4fafd63
- SHA512
  
  04126de296b4a9c21bc7ce150d84720520babf9d3c1c6274b0fcfd556c113514744f11db132a4056e7103a76d32b3cc66a82ece8ec6509515e86b88b6163d360
- SSDEEP
  
  3072:yrrp4BjU2YP1FMJIcYWjnSMdlYock2Ha7o8WAE5zYUoh:mO493JOdlp6tzT
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation