625441cf7686b54e82938d6167a50b06f11f86e78679e27645f2722e64efc875 | Triage

Sharing

General

Target

ba0ebaa558648fab49afea0c1fdeeb2e_JaffaCakes118
Size

3KB
Sample

240823-c8mpdatemq
MD5

ba0ebaa558648fab49afea0c1fdeeb2e
SHA1

1ec2b3e38e24c1af1ca25f3aebb0e863fc6bb1fa
SHA256

625441cf7686b54e82938d6167a50b06f11f86e78679e27645f2722e64efc875
SHA512

835dbcd5cb65cd3e91c7df1b27e0bf88aaa4ede1fe886f9f420e9d7214419e7701f828066070f9cba7a93053e192bbb3ed5396bc6087675ba059d84a12a9e593

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  ba0ebaa558648fab49afea0c1fdeeb2e_JaffaCakes118
- Size
  
  3KB
- MD5
  
  ba0ebaa558648fab49afea0c1fdeeb2e
- SHA1
  
  1ec2b3e38e24c1af1ca25f3aebb0e863fc6bb1fa
- SHA256
  
  625441cf7686b54e82938d6167a50b06f11f86e78679e27645f2722e64efc875
- SHA512
  
  835dbcd5cb65cd3e91c7df1b27e0bf88aaa4ede1fe886f9f420e9d7214419e7701f828066070f9cba7a93053e192bbb3ed5396bc6087675ba059d84a12a9e593
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation