9194db85f2d2fa871997a8ce78d0469727f06770c5fad17f193a9918d338b6ea | Triage

Sharing

General

Target

5a464276b8b47b0ab5ef8a1283fc0fdd_JaffaCakes118
Size

124KB
Sample

240719-dxy4pszgrp
MD5

5a464276b8b47b0ab5ef8a1283fc0fdd
SHA1

9c3190bc9e30e375170db6fb880126adbf7bac91
SHA256

9194db85f2d2fa871997a8ce78d0469727f06770c5fad17f193a9918d338b6ea
SHA512

c60c2482370f7ebabe6f4f11cda3909ee2089417ab8bf4c516fab41e16644c7e43e3c559d320a8fa4451beb028364e776b130998fe4df019059feb6d859fba1a
SSDEEP

1536:v04J02MiJNBCzHoWRJqBS0WTZ4WliLFcHo5A4PXHuAkl5zCH:M4xVJNKodM7iLiHo5LWAE5zY

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  5a464276b8b47b0ab5ef8a1283fc0fdd_JaffaCakes118
- Size
  
  124KB
- MD5
  
  5a464276b8b47b0ab5ef8a1283fc0fdd
- SHA1
  
  9c3190bc9e30e375170db6fb880126adbf7bac91
- SHA256
  
  9194db85f2d2fa871997a8ce78d0469727f06770c5fad17f193a9918d338b6ea
- SHA512
  
  c60c2482370f7ebabe6f4f11cda3909ee2089417ab8bf4c516fab41e16644c7e43e3c559d320a8fa4451beb028364e776b130998fe4df019059feb6d859fba1a
- SSDEEP
  
  1536:v04J02MiJNBCzHoWRJqBS0WTZ4WliLFcHo5A4PXHuAkl5zCH:M4xVJNKodM7iLiHo5LWAE5zY
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation