6e242df83b6deb785d720c7956246ea7bb163c8df23067ac5534b654bfa37240 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

83d9f39ca60e8de3c415f7da12e39977_JaffaCakes118
Size

92KB
Sample

240809-2p3c6axcpg
MD5

83d9f39ca60e8de3c415f7da12e39977
SHA1

72a81539495c32fb8ec68e135701e797dc81ac21
SHA256

6e242df83b6deb785d720c7956246ea7bb163c8df23067ac5534b654bfa37240
SHA512

372004ee32b74e6dd95b554fe992328c2f2cecfb6d3f90bd18604d9b049ca2e886230f57c2d4c62e69a94052167ef89466606e03ad2fe665dfdc9535e9cd07c6
SSDEEP

1536:NMNGWui5lnfF2sC0Ss47CpPRU6IhLrB7bvnGwrdjY0D6CuhUk1sTLzMo:CN95DE8WGpPRUtBrBe0U00SKsPzMo

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  83d9f39ca60e8de3c415f7da12e39977_JaffaCakes118
- Size
  
  92KB
- MD5
  
  83d9f39ca60e8de3c415f7da12e39977
- SHA1
  
  72a81539495c32fb8ec68e135701e797dc81ac21
- SHA256
  
  6e242df83b6deb785d720c7956246ea7bb163c8df23067ac5534b654bfa37240
- SHA512
  
  372004ee32b74e6dd95b554fe992328c2f2cecfb6d3f90bd18604d9b049ca2e886230f57c2d4c62e69a94052167ef89466606e03ad2fe665dfdc9535e9cd07c6
- SSDEEP
  
  1536:NMNGWui5lnfF2sC0Ss47CpPRU6IhLrB7bvnGwrdjY0D6CuhUk1sTLzMo:CN95DE8WGpPRUtBrBe0U00SKsPzMo
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation