908185b4d96e5aed63fc79d51359d1c7cfd3bdc1f0fa122bdda2f8745fc8532b | Triage

Sharing

General

Target

7178eb0e9020258d623efcbbf4b0c93d_JaffaCakes118
Size

100KB
Sample

240725-197b6sycrr
MD5

7178eb0e9020258d623efcbbf4b0c93d
SHA1

3c57cfc440e353d7f2ffb9dde10dab422993f03a
SHA256

908185b4d96e5aed63fc79d51359d1c7cfd3bdc1f0fa122bdda2f8745fc8532b
SHA512

75b6057dcec41c46efe11ae7699faeddc7d2f6e240763768096cedb2895970b418079b79da3c96a81f6ce47d6233357754fd08f64b0d651ae5adec26382b3f6e
SSDEEP

1536:IjoyHSyN2xJ453qDn0E9wejXocK8c71Hyb1i/W0XtojDhH1MyDXLHoXSSSeSSS+y:0HzEeqDnNTXdK8c7FybY/9et17rLHof

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  7178eb0e9020258d623efcbbf4b0c93d_JaffaCakes118
- Size
  
  100KB
- MD5
  
  7178eb0e9020258d623efcbbf4b0c93d
- SHA1
  
  3c57cfc440e353d7f2ffb9dde10dab422993f03a
- SHA256
  
  908185b4d96e5aed63fc79d51359d1c7cfd3bdc1f0fa122bdda2f8745fc8532b
- SHA512
  
  75b6057dcec41c46efe11ae7699faeddc7d2f6e240763768096cedb2895970b418079b79da3c96a81f6ce47d6233357754fd08f64b0d651ae5adec26382b3f6e
- SSDEEP
  
  1536:IjoyHSyN2xJ453qDn0E9wejXocK8c71Hyb1i/W0XtojDhH1MyDXLHoXSSSeSSS+y:0HzEeqDnNTXdK8c7FybY/9et17rLHof
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation