a1b3ea19b9073b53bfa44a173a6c269a15bc6e84e86f35cbcc60edb73885b9af | Triage

Sharing

General

Target

780ed5b58f21bb54b4d2df9968e7cd21_JaffaCakes118
Size

96KB
Sample

240727-nm55dazglf
MD5

780ed5b58f21bb54b4d2df9968e7cd21
SHA1

6a14a98361bdf0b17db5169bb2e2a9fea97c2ead
SHA256

a1b3ea19b9073b53bfa44a173a6c269a15bc6e84e86f35cbcc60edb73885b9af
SHA512

67cf571d1260e28815791d7ffd34db873d25d6dd9909ee1fa8cc80dea262c67d8aa5f0894822b2b317147ad42669044666786d8856876aecb0a45a394b56b820
SSDEEP

1536:Zbll4jncd9KsK/g54XLYlwqCqQ6qCJ0Pof5mdWMARBTvZos0:t9jK/u8Llq7mCJ0wf5aARRvZot

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  780ed5b58f21bb54b4d2df9968e7cd21_JaffaCakes118
- Size
  
  96KB
- MD5
  
  780ed5b58f21bb54b4d2df9968e7cd21
- SHA1
  
  6a14a98361bdf0b17db5169bb2e2a9fea97c2ead
- SHA256
  
  a1b3ea19b9073b53bfa44a173a6c269a15bc6e84e86f35cbcc60edb73885b9af
- SHA512
  
  67cf571d1260e28815791d7ffd34db873d25d6dd9909ee1fa8cc80dea262c67d8aa5f0894822b2b317147ad42669044666786d8856876aecb0a45a394b56b820
- SSDEEP
  
  1536:Zbll4jncd9KsK/g54XLYlwqCqQ6qCJ0Pof5mdWMARBTvZos0:t9jK/u8Llq7mCJ0wf5aARRvZot
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation