c8fb7c21044174eff8312ab0a9e032e7a19d36cf8bebe01c8e1ca04307b08232 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bc01619169a7c1f78eb319b8df3f6656_JaffaCakes118
Size

88KB
Sample

240823-q7129szgqn
MD5

bc01619169a7c1f78eb319b8df3f6656
SHA1

d2e5de03b14b76c1e96473ed84624621988aba83
SHA256

c8fb7c21044174eff8312ab0a9e032e7a19d36cf8bebe01c8e1ca04307b08232
SHA512

5fcbcac047d2001e9c1fed8309de17b5167150652f0d9e021014b19d25af21e5bd53435a3295678c8783ee680897072eccfd88e116e13d7f517d68bcb302b69e
SSDEEP

1536:rGaEqLOiCagl28ZpyTb3ROLnRFXyjj5jUepV96fEEEC7xZopSluTHT9KoTJlIU:rGaEgOiC/Xk3ROLjXyae6fBEC7oEkrhN

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  bc01619169a7c1f78eb319b8df3f6656_JaffaCakes118
- Size
  
  88KB
- MD5
  
  bc01619169a7c1f78eb319b8df3f6656
- SHA1
  
  d2e5de03b14b76c1e96473ed84624621988aba83
- SHA256
  
  c8fb7c21044174eff8312ab0a9e032e7a19d36cf8bebe01c8e1ca04307b08232
- SHA512
  
  5fcbcac047d2001e9c1fed8309de17b5167150652f0d9e021014b19d25af21e5bd53435a3295678c8783ee680897072eccfd88e116e13d7f517d68bcb302b69e
- SSDEEP
  
  1536:rGaEqLOiCagl28ZpyTb3ROLnRFXyjj5jUepV96fEEEC7xZopSluTHT9KoTJlIU:rGaEgOiC/Xk3ROLjXyae6fBEC7oEkrhN
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation