d887a7cfa2034e9376aaf12fff1c2aa6ff984bd92d0a2772964a1b17e2fd6487 | Triage

Sharing

General

Target

762c2856eecd0eeef1e3bff4bb709e55_JaffaCakes118
Size

104KB
Sample

240726-3cs5dsvbmb
MD5

762c2856eecd0eeef1e3bff4bb709e55
SHA1

c7ff23b4c2208b4ecd254484b8de101fbe33d13b
SHA256

d887a7cfa2034e9376aaf12fff1c2aa6ff984bd92d0a2772964a1b17e2fd6487
SHA512

1ad042e571f8b647529382c310324489f447e46e9cb6debc47e90341bfc02cf4b3f2b889671ae3a704740cb609ad9e200fb88984f8e8fc2d0e0e84f3b2c61a8a
SSDEEP

1536:1qjT1AGQUy0b36B/XBBXhiYMJCpsXynoBcJlId:1ynQUy0r6BDFJpsCnoWJlId

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  762c2856eecd0eeef1e3bff4bb709e55_JaffaCakes118
- Size
  
  104KB
- MD5
  
  762c2856eecd0eeef1e3bff4bb709e55
- SHA1
  
  c7ff23b4c2208b4ecd254484b8de101fbe33d13b
- SHA256
  
  d887a7cfa2034e9376aaf12fff1c2aa6ff984bd92d0a2772964a1b17e2fd6487
- SHA512
  
  1ad042e571f8b647529382c310324489f447e46e9cb6debc47e90341bfc02cf4b3f2b889671ae3a704740cb609ad9e200fb88984f8e8fc2d0e0e84f3b2c61a8a
- SSDEEP
  
  1536:1qjT1AGQUy0b36B/XBBXhiYMJCpsXynoBcJlId:1ynQUy0r6BDFJpsCnoWJlId
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation