3b23dce1f672f8516ae09fa3d79c691c0488ed8ae93fa8ba64b9d406250dd3a9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

942725c524397a46ac5419dc183cfaa6_JaffaCakes118
Size

104KB
Sample

240813-wlw43ssgqq
MD5

942725c524397a46ac5419dc183cfaa6
SHA1

97021d1b2ce3f6a46a9ab929ee4925327a399210
SHA256

3b23dce1f672f8516ae09fa3d79c691c0488ed8ae93fa8ba64b9d406250dd3a9
SHA512

6b7464bc1957870393ca8c392513eb99ed980b6b570e22c441adc0173993841a8e0b4bdaabd5bfcb00715e00d488a8938466dbceb6c3a1aad14191322f5da429
SSDEEP

1536:fJh9votKjpfoowSed2XiP4ggkI+m8QNoJFYbceu+nBgyoDPj6mQ:fJrQ4gowZd2XiPM32DlebBgyoD0

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  942725c524397a46ac5419dc183cfaa6_JaffaCakes118
- Size
  
  104KB
- MD5
  
  942725c524397a46ac5419dc183cfaa6
- SHA1
  
  97021d1b2ce3f6a46a9ab929ee4925327a399210
- SHA256
  
  3b23dce1f672f8516ae09fa3d79c691c0488ed8ae93fa8ba64b9d406250dd3a9
- SHA512
  
  6b7464bc1957870393ca8c392513eb99ed980b6b570e22c441adc0173993841a8e0b4bdaabd5bfcb00715e00d488a8938466dbceb6c3a1aad14191322f5da429
- SSDEEP
  
  1536:fJh9votKjpfoowSed2XiP4ggkI+m8QNoJFYbceu+nBgyoDPj6mQ:fJrQ4gowZd2XiPM32DlebBgyoD0
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation