59c1f8eb24a9b7227cf301c1c62bce69868ac83d5fb968d52c1a7c0c55165eed | Triage

Sharing

Copy URL Twitter E-mail

General

Target

96471aa9e216cda0c03b4871c8c370b7_JaffaCakes118
Size

92KB
Sample

240814-qnkwyavapf
MD5

96471aa9e216cda0c03b4871c8c370b7
SHA1

9e6d2d9fe6f2035ac7da72d64cf3813ef1dc475c
SHA256

59c1f8eb24a9b7227cf301c1c62bce69868ac83d5fb968d52c1a7c0c55165eed
SHA512

4a6434ed6c26297778c8892193e8e974a7ca2dee60d86de2ce11f5d3f761aa012d2eb8bf323d34af1e53ed0568eaf8ab43db5f3c7db9f522b31914b2e1122672
SSDEEP

1536:wKMroa7mITzu8iJMm6h7RQ+HnCgz5zC23p+i61xl9zVqOj8FIGoCJlIU:xkj7mITzuxyHCq2Qp+H1xl95qOzGoCJF

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  96471aa9e216cda0c03b4871c8c370b7_JaffaCakes118
- Size
  
  92KB
- MD5
  
  96471aa9e216cda0c03b4871c8c370b7
- SHA1
  
  9e6d2d9fe6f2035ac7da72d64cf3813ef1dc475c
- SHA256
  
  59c1f8eb24a9b7227cf301c1c62bce69868ac83d5fb968d52c1a7c0c55165eed
- SHA512
  
  4a6434ed6c26297778c8892193e8e974a7ca2dee60d86de2ce11f5d3f761aa012d2eb8bf323d34af1e53ed0568eaf8ab43db5f3c7db9f522b31914b2e1122672
- SSDEEP
  
  1536:wKMroa7mITzu8iJMm6h7RQ+HnCgz5zC23p+i61xl9zVqOj8FIGoCJlIU:xkj7mITzuxyHCq2Qp+H1xl95qOzGoCJF
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation