87fb7c536c2c3f76504ea223f5f3115655f72b7323836d680f6d76cf054243aa | Triage

Sharing

General

Target

59b19d37b4201fc4c4245d8ec866a9b6_JaffaCakes118
Size

52KB
Sample

240719-akyevswhnf
MD5

59b19d37b4201fc4c4245d8ec866a9b6
SHA1

22752525c20e5f9553fe7122e19d19ee3551112f
SHA256

87fb7c536c2c3f76504ea223f5f3115655f72b7323836d680f6d76cf054243aa
SHA512

a4597ac2e9fe11d777d261399c8a8955f5ae727d72ce1f6ec0312d8e66e8fe0acd59e798f2a40ae642c19a64707867e909ae49e9aa640f1fc289de21a4505f0a
SSDEEP

768:nfEinyzqFK63Ik18xubThTQ1xTxFls+j:nry2ceDSldv3

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  59b19d37b4201fc4c4245d8ec866a9b6_JaffaCakes118
- Size
  
  52KB
- MD5
  
  59b19d37b4201fc4c4245d8ec866a9b6
- SHA1
  
  22752525c20e5f9553fe7122e19d19ee3551112f
- SHA256
  
  87fb7c536c2c3f76504ea223f5f3115655f72b7323836d680f6d76cf054243aa
- SHA512
  
  a4597ac2e9fe11d777d261399c8a8955f5ae727d72ce1f6ec0312d8e66e8fe0acd59e798f2a40ae642c19a64707867e909ae49e9aa640f1fc289de21a4505f0a
- SSDEEP
  
  768:nfEinyzqFK63Ik18xubThTQ1xTxFls+j:nry2ceDSldv3
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation