b6da578735b19164af156f3124787466f5b2ba69072b6e5a826fbff2430c7f73 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac471407f19ae0eab740da4367fa2370_JaffaCakes118
Size

28KB
Sample

240819-x7rl6awapq
MD5

ac471407f19ae0eab740da4367fa2370
SHA1

d3c01ab905702e17a8a22fdaa13b6f9daa23878f
SHA256

b6da578735b19164af156f3124787466f5b2ba69072b6e5a826fbff2430c7f73
SHA512

9f9c94ec7dd348e7258da1b27aeaa42fbf5fa339653dd681fb4aa3b9024ba8e4d9bc1c6a59d19a6a911ea2b3c8e685818890ff0b420d18a7b7ace51a55ab8db0
SSDEEP

384:U6m6PV/22/kvTiZtBIAXjCpMANDs6tnSPV/22/:bHdn/42LiAX0suSdn/

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  ac471407f19ae0eab740da4367fa2370_JaffaCakes118
- Size
  
  28KB
- MD5
  
  ac471407f19ae0eab740da4367fa2370
- SHA1
  
  d3c01ab905702e17a8a22fdaa13b6f9daa23878f
- SHA256
  
  b6da578735b19164af156f3124787466f5b2ba69072b6e5a826fbff2430c7f73
- SHA512
  
  9f9c94ec7dd348e7258da1b27aeaa42fbf5fa339653dd681fb4aa3b9024ba8e4d9bc1c6a59d19a6a911ea2b3c8e685818890ff0b420d18a7b7ace51a55ab8db0
- SSDEEP
  
  384:U6m6PV/22/kvTiZtBIAXjCpMANDs6tnSPV/22/:bHdn/42LiAX0suSdn/
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation