b6d7db24059ebea35843a89e869c62a93cc27ed1e25d3024ff87a46a397d054b | Triage

Sharing

General

Target

866c536052ce47ec847e675b982ca217_JaffaCakes118
Size

84KB
Sample

240810-rvqw7sxepg
MD5

866c536052ce47ec847e675b982ca217
SHA1

37394666b86c4bbee413c4c01c96b7fbce0de27b
SHA256

b6d7db24059ebea35843a89e869c62a93cc27ed1e25d3024ff87a46a397d054b
SHA512

527a28ae7e4695de590a525b3698a419fe12df821cccf787bc2695d5895f98fbe4b4adf346f189dd16dbfc06382377f2979ecafb6de128065a31b5f8d5446f9b
SSDEEP

1536:wlGyfIcwdIschM+nFS5AppKHPuLitPNaoWoht5SvF7LHoB:kG4XwOschMGt6tt13T5I9LHoB

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  866c536052ce47ec847e675b982ca217_JaffaCakes118
- Size
  
  84KB
- MD5
  
  866c536052ce47ec847e675b982ca217
- SHA1
  
  37394666b86c4bbee413c4c01c96b7fbce0de27b
- SHA256
  
  b6d7db24059ebea35843a89e869c62a93cc27ed1e25d3024ff87a46a397d054b
- SHA512
  
  527a28ae7e4695de590a525b3698a419fe12df821cccf787bc2695d5895f98fbe4b4adf346f189dd16dbfc06382377f2979ecafb6de128065a31b5f8d5446f9b
- SSDEEP
  
  1536:wlGyfIcwdIschM+nFS5AppKHPuLitPNaoWoht5SvF7LHoB:kG4XwOschMGt6tt13T5I9LHoB
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation