8dbc3f32c007056faf6dc87739bc3ec69b355d91d81ad500bbb7e5a68284b727 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5ef11820d90bb75cd4937292c81abd45_JaffaCakes118
Size

104KB
Sample

240720-eh7b7svgjj
MD5

5ef11820d90bb75cd4937292c81abd45
SHA1

511b68872952473300401707c410792d33f76329
SHA256

8dbc3f32c007056faf6dc87739bc3ec69b355d91d81ad500bbb7e5a68284b727
SHA512

14bdc2542833a537aa618f44bf7ed6141cb477f4ed503d8d45065ac92f43969f61ed0bb76c5dcc52f9db4cc57900cb5f6e0dc67bc1eb312cac158e41adc8e09d
SSDEEP

3072:i+BoJVcwzFUWh1JMUtYguAlOebBgyoD0:0JVdFUWKmx9qG

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  5ef11820d90bb75cd4937292c81abd45_JaffaCakes118
- Size
  
  104KB
- MD5
  
  5ef11820d90bb75cd4937292c81abd45
- SHA1
  
  511b68872952473300401707c410792d33f76329
- SHA256
  
  8dbc3f32c007056faf6dc87739bc3ec69b355d91d81ad500bbb7e5a68284b727
- SHA512
  
  14bdc2542833a537aa618f44bf7ed6141cb477f4ed503d8d45065ac92f43969f61ed0bb76c5dcc52f9db4cc57900cb5f6e0dc67bc1eb312cac158e41adc8e09d
- SSDEEP
  
  3072:i+BoJVcwzFUWh1JMUtYguAlOebBgyoD0:0JVdFUWKmx9qG
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation