bea7af4dd27b6ba019933bef4ef98acb94838e165a09f86182ace353a280bf10 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c13b825a6c22e0cdd4e8ee5454277d38_JaffaCakes118
Size

124KB
Sample

240825-v411bawaja
MD5

c13b825a6c22e0cdd4e8ee5454277d38
SHA1

d45a9ff23342abc6dbb01d0ac31c333a249a2fea
SHA256

bea7af4dd27b6ba019933bef4ef98acb94838e165a09f86182ace353a280bf10
SHA512

736b50ddc136029af70dbf99eaad965a9bddd822f7af192d584113015a058e96879f93ee24a50462c0663bc2bf2cbd2feac079cfe3c2791c2dd2892d6409f8c5
SSDEEP

3072:+LBAbtxZRUZ8KcJuzdB3iLiHo5LWAE5zY:KeTscOdIX6z

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  c13b825a6c22e0cdd4e8ee5454277d38_JaffaCakes118
- Size
  
  124KB
- MD5
  
  c13b825a6c22e0cdd4e8ee5454277d38
- SHA1
  
  d45a9ff23342abc6dbb01d0ac31c333a249a2fea
- SHA256
  
  bea7af4dd27b6ba019933bef4ef98acb94838e165a09f86182ace353a280bf10
- SHA512
  
  736b50ddc136029af70dbf99eaad965a9bddd822f7af192d584113015a058e96879f93ee24a50462c0663bc2bf2cbd2feac079cfe3c2791c2dd2892d6409f8c5
- SSDEEP
  
  3072:+LBAbtxZRUZ8KcJuzdB3iLiHo5LWAE5zY:KeTscOdIX6z
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation