ecd618f7fe1daadb368c427072a421615c8071d3ce4eb5551f950ae353e2c748 | Triage

Sharing

General

Target

485e60235ad8088639fe39e2fe9d5273_JaffaCakes118
Size

88KB
Sample

240715-fwrdkszbml
MD5

485e60235ad8088639fe39e2fe9d5273
SHA1

e72022fffd71fbbb2b773db99948bc0e3cf001d4
SHA256

ecd618f7fe1daadb368c427072a421615c8071d3ce4eb5551f950ae353e2c748
SHA512

d0ab461e85a1b984a92da47a7db4c48398deb830544f4e381e80e142c9abe80832c34e430989541d950ff57e0712f8e404e9317bfe3c34141e76da132517b963
SSDEEP

1536:e7apm+uJ4/DfnjRFmRya6YYbM0Jpgi1OrtLEEEC7xZopSluTHT9KoTJlIU:ro+NbfnVFmRsYqDJBAtLBEC7oEkrhKoD

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  485e60235ad8088639fe39e2fe9d5273_JaffaCakes118
- Size
  
  88KB
- MD5
  
  485e60235ad8088639fe39e2fe9d5273
- SHA1
  
  e72022fffd71fbbb2b773db99948bc0e3cf001d4
- SHA256
  
  ecd618f7fe1daadb368c427072a421615c8071d3ce4eb5551f950ae353e2c748
- SHA512
  
  d0ab461e85a1b984a92da47a7db4c48398deb830544f4e381e80e142c9abe80832c34e430989541d950ff57e0712f8e404e9317bfe3c34141e76da132517b963
- SSDEEP
  
  1536:e7apm+uJ4/DfnjRFmRya6YYbM0Jpgi1OrtLEEEC7xZopSluTHT9KoTJlIU:ro+NbfnVFmRsYqDJBAtLBEC7oEkrhKoD
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation