df2a34c693f8b60714cdee728fe5343489fbb5e9ff5d8d6a01092ad285562fdf | Triage

Sharing

General

Target

b0209fcc9f867dbfa7a857f1b6aebe5d_JaffaCakes118
Size

22KB
Sample

240820-vt4y8atgka
MD5

b0209fcc9f867dbfa7a857f1b6aebe5d
SHA1

c2b5cc9f72100eca241b079bd15656bd374bc402
SHA256

df2a34c693f8b60714cdee728fe5343489fbb5e9ff5d8d6a01092ad285562fdf
SHA512

d5451875fe88cc22abbd4402d3cd88c6a76043d4f82a258245c567560b17ff47d1054337ec11f329be2ffc24c379fe07203aefd3470341cb2d2449bc15acfd2c
SSDEEP

384:qOr5NKZ2CUgMsnSLBuQ3XQnk2kHIpEicHjOawFEYDnA0zEPMYYO2oRuqQ:xr5lH7gnxkHOcDOawaUEP6rQi

Score

10^/10

discovery evasion persistence privilege_escalation

Malware Config

Targets

- Target
  
  b0209fcc9f867dbfa7a857f1b6aebe5d_JaffaCakes118
- Size
  
  22KB
- MD5
  
  b0209fcc9f867dbfa7a857f1b6aebe5d
- SHA1
  
  c2b5cc9f72100eca241b079bd15656bd374bc402
- SHA256
  
  df2a34c693f8b60714cdee728fe5343489fbb5e9ff5d8d6a01092ad285562fdf
- SHA512
  
  d5451875fe88cc22abbd4402d3cd88c6a76043d4f82a258245c567560b17ff47d1054337ec11f329be2ffc24c379fe07203aefd3470341cb2d2449bc15acfd2c
- SSDEEP
  
  384:qOr5NKZ2CUgMsnSLBuQ3XQnk2kHIpEicHjOawFEYDnA0zEPMYYO2oRuqQ:xr5lH7gnxkHOcDOawaUEP6rQi
Score

10^/10

discovery evasion persistence privilege_escalation
- Modifies firewall policy service
  evasion
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Create or Modify System Process

Windows Service

Event Triggered Execution

AppInit DLLs

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistenceprivilege_escalation

behavioral2

discoveryevasionpersistenceprivilege_escalation