39c3532331ab8164d24ed698a9b0eed785def7eff5d724e4c4ff6e8af4992956 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cefd7d651a1453ea8070a77482f64e31_JaffaCakes118
Size

100KB
Sample

240906-h8r7ratfjg
MD5

cefd7d651a1453ea8070a77482f64e31
SHA1

c3d044aac4b052a38642cfa93600476e64687161
SHA256

39c3532331ab8164d24ed698a9b0eed785def7eff5d724e4c4ff6e8af4992956
SHA512

88faa7bcee219914c94fc8ba01b6f9ede329195bda8cdb4696df6a02c032125ed61074aaa45fc0ae9a5e38f488d8c1e968d84abbe00a332be7c4dd0385ddabdb
SSDEEP

1536:i8SqRLmjK/qQd60/um3pUs43XlfXtCVFu+Mg0Yl5Lgo4zHYRIA:iMRL9iC/nU13XNP+x0YPLgo47Y

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  cefd7d651a1453ea8070a77482f64e31_JaffaCakes118
- Size
  
  100KB
- MD5
  
  cefd7d651a1453ea8070a77482f64e31
- SHA1
  
  c3d044aac4b052a38642cfa93600476e64687161
- SHA256
  
  39c3532331ab8164d24ed698a9b0eed785def7eff5d724e4c4ff6e8af4992956
- SHA512
  
  88faa7bcee219914c94fc8ba01b6f9ede329195bda8cdb4696df6a02c032125ed61074aaa45fc0ae9a5e38f488d8c1e968d84abbe00a332be7c4dd0385ddabdb
- SSDEEP
  
  1536:i8SqRLmjK/qQd60/um3pUs43XlfXtCVFu+Mg0Yl5Lgo4zHYRIA:iMRL9iC/nU13XNP+x0YPLgo47Y
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation