629b472ac27575824ac286de9adf45cd628f031ea57dd11c3d398f5d302d3448 | Triage

Sharing

General

Target

acb94703932c0fd6c4fded67b38263a7_JaffaCakes118
Size

92KB
Sample

240819-1rdbdaxfrc
MD5

acb94703932c0fd6c4fded67b38263a7
SHA1

129c6c35f7118401961209ba05f1a00a51ec0862
SHA256

629b472ac27575824ac286de9adf45cd628f031ea57dd11c3d398f5d302d3448
SHA512

8f01b3dbebae1765c5e627f03d0a294674bdc79de580acaa4e9d6d8ab4225a98a3de8ee1346a59aba7eb8fcd10f718a65e5b503d3e35d035486e4bf3535ccbf8
SSDEEP

1536:+E9jBF+nXqQ0FptPPAxwvZS7t/xnoOY2Y3GUohQ02UOuAoaAEhEacLfHwzGo:vjj+nYpowI5/xnoJJuO0SyacszGo

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  acb94703932c0fd6c4fded67b38263a7_JaffaCakes118
- Size
  
  92KB
- MD5
  
  acb94703932c0fd6c4fded67b38263a7
- SHA1
  
  129c6c35f7118401961209ba05f1a00a51ec0862
- SHA256
  
  629b472ac27575824ac286de9adf45cd628f031ea57dd11c3d398f5d302d3448
- SHA512
  
  8f01b3dbebae1765c5e627f03d0a294674bdc79de580acaa4e9d6d8ab4225a98a3de8ee1346a59aba7eb8fcd10f718a65e5b503d3e35d035486e4bf3535ccbf8
- SSDEEP
  
  1536:+E9jBF+nXqQ0FptPPAxwvZS7t/xnoOY2Y3GUohQ02UOuAoaAEhEacLfHwzGo:vjj+nYpowI5/xnoJJuO0SyacszGo
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation