45f47b1958065c3a58778b9275645699d5f6cbe2d2ccad3c789d5af1bd03aba5 | Triage

Sharing

General

Target

d9ad37389b49ed00c220bcddd343c9aa_JaffaCakes118
Size

100KB
Sample

240911-fwlhbstgpm
MD5

d9ad37389b49ed00c220bcddd343c9aa
SHA1

7549f18b1c095eb6b74af3c779858f7af46ea46a
SHA256

45f47b1958065c3a58778b9275645699d5f6cbe2d2ccad3c789d5af1bd03aba5
SHA512

c5000e216de224cbdbc75cb5cb713f51a3d8cd8c76d3037254f295c5846998db2166abee855ac1c0c5187f8779db76d974dcf7392df83cd2fb7ddd8e5d31f553
SSDEEP

1536:y4z5s/95CiHvPY1A7K1p4vPYFlxmJp/wS5zovykTw5Rgo70HYRIA:ywYbCiHY1A7ylxmT/L5CykTsRgo7kY

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  d9ad37389b49ed00c220bcddd343c9aa_JaffaCakes118
- Size
  
  100KB
- MD5
  
  d9ad37389b49ed00c220bcddd343c9aa
- SHA1
  
  7549f18b1c095eb6b74af3c779858f7af46ea46a
- SHA256
  
  45f47b1958065c3a58778b9275645699d5f6cbe2d2ccad3c789d5af1bd03aba5
- SHA512
  
  c5000e216de224cbdbc75cb5cb713f51a3d8cd8c76d3037254f295c5846998db2166abee855ac1c0c5187f8779db76d974dcf7392df83cd2fb7ddd8e5d31f553
- SSDEEP
  
  1536:y4z5s/95CiHvPY1A7K1p4vPYFlxmJp/wS5zovykTw5Rgo70HYRIA:ywYbCiHY1A7ylxmT/L5CykTsRgo7kY
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation