8ed74e64a0c9d7eb3b2b5eca300b5428a61b566ce7101ce3579b6d09250fe889 | Triage

Sharing

General

Target

a734eaf7f4be7f1b0c0020abbffa3076_JaffaCakes118
Size

88KB
Sample

240818-szm7jstbrk
MD5

a734eaf7f4be7f1b0c0020abbffa3076
SHA1

7ed42fb56a7ecd1ba5df837994ccfab14798c6f6
SHA256

8ed74e64a0c9d7eb3b2b5eca300b5428a61b566ce7101ce3579b6d09250fe889
SHA512

ea82d6b2e527c5389968e43a504b18b3c633f5629cc8107831f769de060870d3cdc56c835e2aeac89888ef9fc10e1548a98b9aa44a3c2f8ff796f44c01d1a15e
SSDEEP

1536:Eab4O/kqTjNMRg7fPzmf+XAyCiKTq9ApU2O0eW5VvkQDY/3So5Jv:ED4NMe7imXA9ig+ApUjGkQc/3So5

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  a734eaf7f4be7f1b0c0020abbffa3076_JaffaCakes118
- Size
  
  88KB
- MD5
  
  a734eaf7f4be7f1b0c0020abbffa3076
- SHA1
  
  7ed42fb56a7ecd1ba5df837994ccfab14798c6f6
- SHA256
  
  8ed74e64a0c9d7eb3b2b5eca300b5428a61b566ce7101ce3579b6d09250fe889
- SHA512
  
  ea82d6b2e527c5389968e43a504b18b3c633f5629cc8107831f769de060870d3cdc56c835e2aeac89888ef9fc10e1548a98b9aa44a3c2f8ff796f44c01d1a15e
- SSDEEP
  
  1536:Eab4O/kqTjNMRg7fPzmf+XAyCiKTq9ApU2O0eW5VvkQDY/3So5Jv:ED4NMe7imXA9ig+ApUjGkQc/3So5
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation