34eb19f253b8b532777729c883a8c4f9e1a631e2ddcf423522efbbc0d3bf0847 | Triage

Sharing

General

Target

d421d735c3278c7b8c37ce3856a0dce3_JaffaCakes118
Size

92KB
Sample

240908-mb55kazhrl
MD5

d421d735c3278c7b8c37ce3856a0dce3
SHA1

3ca9916358ea7d1479aca2d40023ef629a1249f2
SHA256

34eb19f253b8b532777729c883a8c4f9e1a631e2ddcf423522efbbc0d3bf0847
SHA512

c3d905bbdc0943d7cf495ed7d0b0b995fa5514fa98d4d012d2d4b7ffcad354a6ad1ba42888d9d534fe76f57d509bc07c1c33e81127e100b624499f50c14f2eb4
SSDEEP

1536:BV/qW70iW3jLW0oXML/d6LdQyJAEhEacLfHwzGo:PCW1WTLdN/EyacszGo

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  d421d735c3278c7b8c37ce3856a0dce3_JaffaCakes118
- Size
  
  92KB
- MD5
  
  d421d735c3278c7b8c37ce3856a0dce3
- SHA1
  
  3ca9916358ea7d1479aca2d40023ef629a1249f2
- SHA256
  
  34eb19f253b8b532777729c883a8c4f9e1a631e2ddcf423522efbbc0d3bf0847
- SHA512
  
  c3d905bbdc0943d7cf495ed7d0b0b995fa5514fa98d4d012d2d4b7ffcad354a6ad1ba42888d9d534fe76f57d509bc07c1c33e81127e100b624499f50c14f2eb4
- SSDEEP
  
  1536:BV/qW70iW3jLW0oXML/d6LdQyJAEhEacLfHwzGo:PCW1WTLdN/EyacszGo
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation