c24a078f8b5ed66824ca997c53ce841c315d2b256dd071bf2952be00d1c10ff9 | Triage

Sharing

General

Target

65da56f1e24f9a37d7183b06781b541f_JaffaCakes118
Size

92KB
Sample

240723-dbqkfatclb
MD5

65da56f1e24f9a37d7183b06781b541f
SHA1

c859ef44b5867e9b1e55421df49c9a44dbc3aa0d
SHA256

c24a078f8b5ed66824ca997c53ce841c315d2b256dd071bf2952be00d1c10ff9
SHA512

aa626c0967b2080fe9336ebd35a02a9044388461502c99021bef13b8f0a0e2274e0576ebf714696f449815164d6bb88b0821eacb941d130f5bd348c1fe40b364
SSDEEP

1536:YvaXRrf4vi7A4rORA9ukYTnbmH+dOLSGoxMWNLzMo:YiXJf4vCO//bm45LxxlzMo

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  65da56f1e24f9a37d7183b06781b541f_JaffaCakes118
- Size
  
  92KB
- MD5
  
  65da56f1e24f9a37d7183b06781b541f
- SHA1
  
  c859ef44b5867e9b1e55421df49c9a44dbc3aa0d
- SHA256
  
  c24a078f8b5ed66824ca997c53ce841c315d2b256dd071bf2952be00d1c10ff9
- SHA512
  
  aa626c0967b2080fe9336ebd35a02a9044388461502c99021bef13b8f0a0e2274e0576ebf714696f449815164d6bb88b0821eacb941d130f5bd348c1fe40b364
- SSDEEP
  
  1536:YvaXRrf4vi7A4rORA9ukYTnbmH+dOLSGoxMWNLzMo:YiXJf4vCO//bm45LxxlzMo
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation