5545528c37fa8392964ca1203c6d61d4233bba71a9e2e366e96112d3c6f8a85c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5c8bc545bc39465afa2e1c33d501793d_JaffaCakes118
Size

100KB
Sample

240719-syffbaxhjj
MD5

5c8bc545bc39465afa2e1c33d501793d
SHA1

d19be528959ac873e9fa0d7654fec9042eb6fe9c
SHA256

5545528c37fa8392964ca1203c6d61d4233bba71a9e2e366e96112d3c6f8a85c
SHA512

b87113acaac065611af0e8f0e3d55738bbeb0b330627202c94a21c7a60fde1dccc844d1acc998bee3075780bea6d941cecb0fd404a38e9fdfdfbf518be3dd9e4
SSDEEP

3072:SipBqHh1NZyq0KBfnI9ndIIOoVovqiG3sa7x0YPLgo47Y:Tp+hXUq4Ou4LMNI7Y

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  5c8bc545bc39465afa2e1c33d501793d_JaffaCakes118
- Size
  
  100KB
- MD5
  
  5c8bc545bc39465afa2e1c33d501793d
- SHA1
  
  d19be528959ac873e9fa0d7654fec9042eb6fe9c
- SHA256
  
  5545528c37fa8392964ca1203c6d61d4233bba71a9e2e366e96112d3c6f8a85c
- SHA512
  
  b87113acaac065611af0e8f0e3d55738bbeb0b330627202c94a21c7a60fde1dccc844d1acc998bee3075780bea6d941cecb0fd404a38e9fdfdfbf518be3dd9e4
- SSDEEP
  
  3072:SipBqHh1NZyq0KBfnI9ndIIOoVovqiG3sa7x0YPLgo47Y:Tp+hXUq4Ou4LMNI7Y
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation