02da608b5f42214dd156fd32de1864b6a31b3e8bc0f62a16636c3043c91be2b4 | Triage

Sharing

General

Target

abf595783abaa070171d47c39b095eeb_JaffaCakes118
Size

100KB
Sample

240819-v98bksxdnb
MD5

abf595783abaa070171d47c39b095eeb
SHA1

37cfff56d2665cd0e9c4b0c8d2c25b14c590f860
SHA256

02da608b5f42214dd156fd32de1864b6a31b3e8bc0f62a16636c3043c91be2b4
SHA512

5c14c664e18b4b2a4df8a0a77b49ff7f7e69b9c2582983b39325cf36270a83145675ddbc05662742c83bb2647a819259181e7e1410d10bc260d24d4c37e08822
SSDEEP

3072:eC+QzNWOFxoTdzSvcyViXsuTSnohJlId:eqYOF6TdzSvcFPId

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  abf595783abaa070171d47c39b095eeb_JaffaCakes118
- Size
  
  100KB
- MD5
  
  abf595783abaa070171d47c39b095eeb
- SHA1
  
  37cfff56d2665cd0e9c4b0c8d2c25b14c590f860
- SHA256
  
  02da608b5f42214dd156fd32de1864b6a31b3e8bc0f62a16636c3043c91be2b4
- SHA512
  
  5c14c664e18b4b2a4df8a0a77b49ff7f7e69b9c2582983b39325cf36270a83145675ddbc05662742c83bb2647a819259181e7e1410d10bc260d24d4c37e08822
- SSDEEP
  
  3072:eC+QzNWOFxoTdzSvcyViXsuTSnohJlId:eqYOF6TdzSvcFPId
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation