f66b82171531eb41c92601dd68d4a460cc32971035b4d83e186ef520b04fd46f | Triage

Sharing

General

Target

63e31f00e18c182ab2040a75c674a940_JaffaCakes118
Size

104KB
Sample

240722-trl5ysxakj
MD5

63e31f00e18c182ab2040a75c674a940
SHA1

49d11cb18f52f0a86c5174646ce8157cb4889971
SHA256

f66b82171531eb41c92601dd68d4a460cc32971035b4d83e186ef520b04fd46f
SHA512

2d56ddaf8f6e44355242b85ab50bfdc4cfc4d995b24ee7627fecb54b9f3764e38616ccd0311ddeec5042317b12107abe109a2229e4289cc7f0dc39da3c452e36
SSDEEP

1536:K+LnMoK/Kk1v6AjuL5kwD12ceu+nBgyoDPj6mQ:K4Moc96AuL5NtebBgyoD0

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  63e31f00e18c182ab2040a75c674a940_JaffaCakes118
- Size
  
  104KB
- MD5
  
  63e31f00e18c182ab2040a75c674a940
- SHA1
  
  49d11cb18f52f0a86c5174646ce8157cb4889971
- SHA256
  
  f66b82171531eb41c92601dd68d4a460cc32971035b4d83e186ef520b04fd46f
- SHA512
  
  2d56ddaf8f6e44355242b85ab50bfdc4cfc4d995b24ee7627fecb54b9f3764e38616ccd0311ddeec5042317b12107abe109a2229e4289cc7f0dc39da3c452e36
- SSDEEP
  
  1536:K+LnMoK/Kk1v6AjuL5kwD12ceu+nBgyoDPj6mQ:K4Moc96AuL5NtebBgyoD0
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation