95b77e9643806ee61948607e5b8863b37122afe4dc716573d3e5d56f1d7d5a71 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

64379585fa1aa8008c59c3c50a22c9d4_JaffaCakes118
Size

92KB
Sample

240722-wnbk6azhmm
MD5

64379585fa1aa8008c59c3c50a22c9d4
SHA1

39377eba9e9aa85368f4fb77baa0c9394921c5fd
SHA256

95b77e9643806ee61948607e5b8863b37122afe4dc716573d3e5d56f1d7d5a71
SHA512

602537de2a5c5b3dbb8bbf58119da8c70da696eece01927d73c6381c99d84a7171390f313550a1f7eccc19cefdf34b00aa35a99ab82c4a99c801fba00a2e147a
SSDEEP

1536:ZlWHMoOYa2OPcoJzBykmbli8pcguGDAhVqOj8FIGoCJlIU:ZlWnOvzNm5fctbqOzGoCJlIU

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  64379585fa1aa8008c59c3c50a22c9d4_JaffaCakes118
- Size
  
  92KB
- MD5
  
  64379585fa1aa8008c59c3c50a22c9d4
- SHA1
  
  39377eba9e9aa85368f4fb77baa0c9394921c5fd
- SHA256
  
  95b77e9643806ee61948607e5b8863b37122afe4dc716573d3e5d56f1d7d5a71
- SHA512
  
  602537de2a5c5b3dbb8bbf58119da8c70da696eece01927d73c6381c99d84a7171390f313550a1f7eccc19cefdf34b00aa35a99ab82c4a99c801fba00a2e147a
- SSDEEP
  
  1536:ZlWHMoOYa2OPcoJzBykmbli8pcguGDAhVqOj8FIGoCJlIU:ZlWnOvzNm5fctbqOzGoCJlIU
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation