79bdb428f32e4724e389d6a9dc1c82543d4d1b8716b012d835bd35a821763495 | Triage

Sharing

General

Target

ba41db2b7a5dcbae84151cc1f468ffad_JaffaCakes118
Size

96KB
Sample

240823-egva9atglc
MD5

ba41db2b7a5dcbae84151cc1f468ffad
SHA1

f2b84d5834e3e3a5b593f110c4b1235f43889bfa
SHA256

79bdb428f32e4724e389d6a9dc1c82543d4d1b8716b012d835bd35a821763495
SHA512

14cfe721f04307d561a58d5d6ec2070c1db22cbea171cdbccf09c97aa8bb78d28e41331b9651616a90dda98535f9295b57d56e2ae1066f803ac2b2340955ef1c
SSDEEP

1536:4HhXQfxpeSvEZ+JejneDEikUP/+VAlW4ZYPdSY0geKq9vVoAu:shgf2SakinwzVP/0Ao2eULKUvVo/

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  ba41db2b7a5dcbae84151cc1f468ffad_JaffaCakes118
- Size
  
  96KB
- MD5
  
  ba41db2b7a5dcbae84151cc1f468ffad
- SHA1
  
  f2b84d5834e3e3a5b593f110c4b1235f43889bfa
- SHA256
  
  79bdb428f32e4724e389d6a9dc1c82543d4d1b8716b012d835bd35a821763495
- SHA512
  
  14cfe721f04307d561a58d5d6ec2070c1db22cbea171cdbccf09c97aa8bb78d28e41331b9651616a90dda98535f9295b57d56e2ae1066f803ac2b2340955ef1c
- SSDEEP
  
  1536:4HhXQfxpeSvEZ+JejneDEikUP/+VAlW4ZYPdSY0geKq9vVoAu:shgf2SakinwzVP/0Ao2eULKUvVo/
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation