0d5f96d036f3c77a99db83acfe6bc1de841d73a96dc15e509de4cdf7112687ce | Triage

Sharing

General

Target

8258137f9e14754cff83b6e6db6fe8ae_JaffaCakes118
Size

78KB
Sample

240802-ave19svdkp
MD5

8258137f9e14754cff83b6e6db6fe8ae
SHA1

b7d5ee551fb48928de372cb586034198d2ecb972
SHA256

0d5f96d036f3c77a99db83acfe6bc1de841d73a96dc15e509de4cdf7112687ce
SHA512

7b9d896cc8e7125b7c728fd00e1b7e60c6d9e7b09cf0db826219ca3528e14a54b81df14553c62fd7490a90e3d35223c891f07af0b460b90e8bdb16e6c4b65964
SSDEEP

1536:GNLgqpFqBEg6D3hOUOEiEWDGOIzuDrnY0//Y5VwbRqiomJlIK:4LVp0Eg6NOUOEDWKOIzErnYAuwtqiomp

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  8258137f9e14754cff83b6e6db6fe8ae_JaffaCakes118
- Size
  
  78KB
- MD5
  
  8258137f9e14754cff83b6e6db6fe8ae
- SHA1
  
  b7d5ee551fb48928de372cb586034198d2ecb972
- SHA256
  
  0d5f96d036f3c77a99db83acfe6bc1de841d73a96dc15e509de4cdf7112687ce
- SHA512
  
  7b9d896cc8e7125b7c728fd00e1b7e60c6d9e7b09cf0db826219ca3528e14a54b81df14553c62fd7490a90e3d35223c891f07af0b460b90e8bdb16e6c4b65964
- SSDEEP
  
  1536:GNLgqpFqBEg6D3hOUOEiEWDGOIzuDrnY0//Y5VwbRqiomJlIK:4LVp0Eg6NOUOEDWKOIzErnYAuwtqiomp
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistenceprivilege_escalation