3cab2911a45143eab5d5936ff49c3d3f2f124f17d5af37fd354bce743f049f2c | Triage

Sharing

General

Target

8a24a49b8084c9f9a5253b8c61a92604_JaffaCakes118
Size

92KB
Sample

240811-nba5vsxamn
MD5

8a24a49b8084c9f9a5253b8c61a92604
SHA1

24701e7f2621ce930a773e9084150eab44921610
SHA256

3cab2911a45143eab5d5936ff49c3d3f2f124f17d5af37fd354bce743f049f2c
SHA512

fcfaea1e68cc74f29c78c4e913d5bf201890af5b051a53106ca9c9ea7028f04df91b9ae39aa6b50ec4c2be6b209c9014f612aafd64be664a134d9579eb0cda25
SSDEEP

1536:EfzVb/lky1c81RmxrqxKH5mrvS4V0XTsT464tRpI+EVqOj8FIGoCJlIU:Ixjr1tmxjHSvS4V0XIT49re+wqOzGoCX

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  8a24a49b8084c9f9a5253b8c61a92604_JaffaCakes118
- Size
  
  92KB
- MD5
  
  8a24a49b8084c9f9a5253b8c61a92604
- SHA1
  
  24701e7f2621ce930a773e9084150eab44921610
- SHA256
  
  3cab2911a45143eab5d5936ff49c3d3f2f124f17d5af37fd354bce743f049f2c
- SHA512
  
  fcfaea1e68cc74f29c78c4e913d5bf201890af5b051a53106ca9c9ea7028f04df91b9ae39aa6b50ec4c2be6b209c9014f612aafd64be664a134d9579eb0cda25
- SSDEEP
  
  1536:EfzVb/lky1c81RmxrqxKH5mrvS4V0XTsT464tRpI+EVqOj8FIGoCJlIU:Ixjr1tmxjHSvS4V0XIT49re+wqOzGoCX
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation