cf790031a0317cc1abb943dab164732c6d675adbadcb92ef06a41db87802f9a8 | Triage

Sharing

General

Target

81c19d79d61dac23a20cfb61dd3d4379_JaffaCakes118
Size

92KB
Sample

240801-zjnxgazgph
MD5

81c19d79d61dac23a20cfb61dd3d4379
SHA1

361b815e248383ad6d7decd3ea3c2012eefce613
SHA256

cf790031a0317cc1abb943dab164732c6d675adbadcb92ef06a41db87802f9a8
SHA512

f3d263909ddfd90396a14b6ea9a4619aef7f5a0167bff166a630c4b6e7432db0ce726d6a6ce7f413640141d6be9560999c0b3e35d08ed62343c02a0101fbdfbe
SSDEEP

1536:OE61iH0KnqgH9/MyIkcBxgoUNoXHjgE/2VnoxMWNLzMo:76I0yqgH9/MrkAxgwjT/2VoxxlzMo

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  81c19d79d61dac23a20cfb61dd3d4379_JaffaCakes118
- Size
  
  92KB
- MD5
  
  81c19d79d61dac23a20cfb61dd3d4379
- SHA1
  
  361b815e248383ad6d7decd3ea3c2012eefce613
- SHA256
  
  cf790031a0317cc1abb943dab164732c6d675adbadcb92ef06a41db87802f9a8
- SHA512
  
  f3d263909ddfd90396a14b6ea9a4619aef7f5a0167bff166a630c4b6e7432db0ce726d6a6ce7f413640141d6be9560999c0b3e35d08ed62343c02a0101fbdfbe
- SSDEEP
  
  1536:OE61iH0KnqgH9/MyIkcBxgoUNoXHjgE/2VnoxMWNLzMo:76I0yqgH9/MrkAxgwjT/2VoxxlzMo
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation