4c5cf5ef8df5a339490c46d3c3a3c33f1c79a9a4f9a0b5b03287c2eb8b66b229 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a03c9ec90eb52357527b0c06954976bc_JaffaCakes118
Size

92KB
Sample

240816-2qctwssbka
MD5

a03c9ec90eb52357527b0c06954976bc
SHA1

c5702edd70173175b4d6a8cc4928cc40ea4eccea
SHA256

4c5cf5ef8df5a339490c46d3c3a3c33f1c79a9a4f9a0b5b03287c2eb8b66b229
SHA512

633301aec8aa1e34ecf1cd209f4a176f8a2659c0d3437fb49b3d5ae2eaa82a76cd67b369bb4f5962042546dca7000b3bd403bbde636000a0d1d9632721e41121
SSDEEP

1536:Jo/JuuolTtNAkUc+XWlZSjZHvmkna/0V1x/EXhSNbxnEIoxMWNLzMo:kJuplTt/UvXWlQjZHBg0V1iStxaxxlzv

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  a03c9ec90eb52357527b0c06954976bc_JaffaCakes118
- Size
  
  92KB
- MD5
  
  a03c9ec90eb52357527b0c06954976bc
- SHA1
  
  c5702edd70173175b4d6a8cc4928cc40ea4eccea
- SHA256
  
  4c5cf5ef8df5a339490c46d3c3a3c33f1c79a9a4f9a0b5b03287c2eb8b66b229
- SHA512
  
  633301aec8aa1e34ecf1cd209f4a176f8a2659c0d3437fb49b3d5ae2eaa82a76cd67b369bb4f5962042546dca7000b3bd403bbde636000a0d1d9632721e41121
- SSDEEP
  
  1536:Jo/JuuolTtNAkUc+XWlZSjZHvmkna/0V1x/EXhSNbxnEIoxMWNLzMo:kJuplTt/UvXWlQjZHBg0V1iStxaxxlzv
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation