88e05303b34e409d33875ebf2a98fbea5918572b531f67cc74c02e518a3728c7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bb66a0bd25a8c5a24fb0df1fbff508bc_JaffaCakes118
Size

92KB
Sample

240823-mr6q2azajh
MD5

bb66a0bd25a8c5a24fb0df1fbff508bc
SHA1

3f7d6bbf1c932c668cab1da20ffd27b388ec40bd
SHA256

88e05303b34e409d33875ebf2a98fbea5918572b531f67cc74c02e518a3728c7
SHA512

a0a49784cfa92ba5acabc15eb0a7c177638f51e6e1b691a89234ed6a32a9e82735909e7c3a22e4c25e79a70cd9b37f2dd48036cd8ede2304a629d12b9ff02929
SSDEEP

1536:AWd7OZDeKOf3TRjXYZEK7dTmG7mBQoZwAEhEacLfHwzGo:pdaZDZQXYd7pv2UyacszGo

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  bb66a0bd25a8c5a24fb0df1fbff508bc_JaffaCakes118
- Size
  
  92KB
- MD5
  
  bb66a0bd25a8c5a24fb0df1fbff508bc
- SHA1
  
  3f7d6bbf1c932c668cab1da20ffd27b388ec40bd
- SHA256
  
  88e05303b34e409d33875ebf2a98fbea5918572b531f67cc74c02e518a3728c7
- SHA512
  
  a0a49784cfa92ba5acabc15eb0a7c177638f51e6e1b691a89234ed6a32a9e82735909e7c3a22e4c25e79a70cd9b37f2dd48036cd8ede2304a629d12b9ff02929
- SSDEEP
  
  1536:AWd7OZDeKOf3TRjXYZEK7dTmG7mBQoZwAEhEacLfHwzGo:pdaZDZQXYd7pv2UyacszGo
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation