05dda7326f0d644e3ea7b7073a494f43491a7dfc8240bd2b1d4fbc637ed93175 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a53b235dda4591968fdabeb6c745c3f9_JaffaCakes118
Size

96KB
Sample

240818-d5mqmswcrq
MD5

a53b235dda4591968fdabeb6c745c3f9
SHA1

bfdd9c3176f4df5e9555cc75a43760b5f9949f07
SHA256

05dda7326f0d644e3ea7b7073a494f43491a7dfc8240bd2b1d4fbc637ed93175
SHA512

4b0d44f5d83454d53f134b3816a5dcf8f1870671eab532623c0eba2d88c5ac0991a7696e905fbba41ca1e4d196729d1d210a419fb1e5d1c97696d9e9f280c13e
SSDEEP

1536:ngYQzpyXc4zI6kGlRinrhy1rVS+1iqreDWezi3geKq9vVoAu:nmzOV9kG7maTiqrmzEKUvVo/

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  a53b235dda4591968fdabeb6c745c3f9_JaffaCakes118
- Size
  
  96KB
- MD5
  
  a53b235dda4591968fdabeb6c745c3f9
- SHA1
  
  bfdd9c3176f4df5e9555cc75a43760b5f9949f07
- SHA256
  
  05dda7326f0d644e3ea7b7073a494f43491a7dfc8240bd2b1d4fbc637ed93175
- SHA512
  
  4b0d44f5d83454d53f134b3816a5dcf8f1870671eab532623c0eba2d88c5ac0991a7696e905fbba41ca1e4d196729d1d210a419fb1e5d1c97696d9e9f280c13e
- SSDEEP
  
  1536:ngYQzpyXc4zI6kGlRinrhy1rVS+1iqreDWezi3geKq9vVoAu:nmzOV9kG7maTiqrmzEKUvVo/
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation