40cabfe90536b61f8d52e844c93782edffacdfd32d3114768a3914fb8b4288dc | Triage

Sharing

General

Target

82bc67737fd080e760d40ebea8ad67bc_JaffaCakes118
Size

88KB
Sample

240802-c5ybps1elr
MD5

82bc67737fd080e760d40ebea8ad67bc
SHA1

42da09d5e5092a200a6980a10201b669c5245f8d
SHA256

40cabfe90536b61f8d52e844c93782edffacdfd32d3114768a3914fb8b4288dc
SHA512

b2b96d06fc51e6a5fe81d59258b8097e2f65a352fe8c167de25bfc2de8fa75e9158cac353682a5d8821673cfee1bbe0bcd4207264c470bca3126122464a415fd
SSDEEP

1536:p7aGZhDfzuwm8HSSIaapkrSCgUtnEEEC7xZopSluTHT9KoTJlIU:pZZhfW8mXAnBEC7oEkrhKoTJlIU

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  82bc67737fd080e760d40ebea8ad67bc_JaffaCakes118
- Size
  
  88KB
- MD5
  
  82bc67737fd080e760d40ebea8ad67bc
- SHA1
  
  42da09d5e5092a200a6980a10201b669c5245f8d
- SHA256
  
  40cabfe90536b61f8d52e844c93782edffacdfd32d3114768a3914fb8b4288dc
- SHA512
  
  b2b96d06fc51e6a5fe81d59258b8097e2f65a352fe8c167de25bfc2de8fa75e9158cac353682a5d8821673cfee1bbe0bcd4207264c470bca3126122464a415fd
- SSDEEP
  
  1536:p7aGZhDfzuwm8HSSIaapkrSCgUtnEEEC7xZopSluTHT9KoTJlIU:pZZhfW8mXAnBEC7oEkrhKoTJlIU
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation