a01fbde713f3185c3d018797cd78a022dadce71bb729ca81c73208d6425095e9 | Triage

Sharing

General

Target

d53b1abfd1884bb3645c43e5a4fcdae4_JaffaCakes118
Size

100KB
Sample

240908-2r1bksyhpr
MD5

d53b1abfd1884bb3645c43e5a4fcdae4
SHA1

0c00f5ee7dcc8611b8f87064349543ebf05534ea
SHA256

a01fbde713f3185c3d018797cd78a022dadce71bb729ca81c73208d6425095e9
SHA512

9528b513d7b77d6e7999eee404d0d867d1ae5ee60dd1b8dc26375028f3e82cc8ceb87e525bd0f58d0b9e529543cdd0a654a04354d982f268caf72a732cac8076
SSDEEP

1536:iOzWRkGJAG9Bjs29NOOzN2zk+jfq48cYctMg0Yl5Lgo4zHYRIA:iCBgAG9DlzN24E8NGx0YPLgo47Y

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  d53b1abfd1884bb3645c43e5a4fcdae4_JaffaCakes118
- Size
  
  100KB
- MD5
  
  d53b1abfd1884bb3645c43e5a4fcdae4
- SHA1
  
  0c00f5ee7dcc8611b8f87064349543ebf05534ea
- SHA256
  
  a01fbde713f3185c3d018797cd78a022dadce71bb729ca81c73208d6425095e9
- SHA512
  
  9528b513d7b77d6e7999eee404d0d867d1ae5ee60dd1b8dc26375028f3e82cc8ceb87e525bd0f58d0b9e529543cdd0a654a04354d982f268caf72a732cac8076
- SSDEEP
  
  1536:iOzWRkGJAG9Bjs29NOOzN2zk+jfq48cYctMg0Yl5Lgo4zHYRIA:iCBgAG9DlzN24E8NGx0YPLgo47Y
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation