c9efcf3e8971be8952125cc0e4337cac88735979b84f971bcfa677c2fcbd8dbd | Triage

Sharing

General

Target

ba81b6b98c3325cf343d71404218a366_JaffaCakes118
Size

88KB
Sample

240823-f2hzdsxcjc
MD5

ba81b6b98c3325cf343d71404218a366
SHA1

b6b1a3349cc429bb92fa2509356ec1f73417f870
SHA256

c9efcf3e8971be8952125cc0e4337cac88735979b84f971bcfa677c2fcbd8dbd
SHA512

994a58c8f0f36934ae616f9061eaec6c736dec28e32244943908fa8507fddf29f25e757e38348f812c744b86decf97787f5e320fef7694d91813fc375c663c6c
SSDEEP

1536:Sn1UyL4eFxDdQcF0oOjFs+fBHdTlNLUY/FOUL3Pds0f9oIM:EVTxKs0rWgBHh4YtjL3B9oR

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  ba81b6b98c3325cf343d71404218a366_JaffaCakes118
- Size
  
  88KB
- MD5
  
  ba81b6b98c3325cf343d71404218a366
- SHA1
  
  b6b1a3349cc429bb92fa2509356ec1f73417f870
- SHA256
  
  c9efcf3e8971be8952125cc0e4337cac88735979b84f971bcfa677c2fcbd8dbd
- SHA512
  
  994a58c8f0f36934ae616f9061eaec6c736dec28e32244943908fa8507fddf29f25e757e38348f812c744b86decf97787f5e320fef7694d91813fc375c663c6c
- SSDEEP
  
  1536:Sn1UyL4eFxDdQcF0oOjFs+fBHdTlNLUY/FOUL3Pds0f9oIM:EVTxKs0rWgBHh4YtjL3B9oR
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation