d9187a7e966ab3ee5b0d9bbfb1b23467e9d8e11a42f28a436c10eccd46c0eb56 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dd23459bd50aea348a725534cbc13a2e_JaffaCakes118
Size

92KB
Sample

240912-123c9axenn
MD5

dd23459bd50aea348a725534cbc13a2e
SHA1

c1e2f8c9bd591fc1b623ae62c51ce03919aa7b84
SHA256

d9187a7e966ab3ee5b0d9bbfb1b23467e9d8e11a42f28a436c10eccd46c0eb56
SHA512

2b9ecb903b3342ec6c961030caca77f83ef8441514706d7babd6ef6566b59625d9874f00b7b8d3720d5e4b96fde7b0ee2f5e852465175566acad708fa4c71643
SSDEEP

1536:IUkwKTdjQ913RJ9TeKfZXntgpUkZUCPrtz0ZW+bVBZrYV0oBe:FKTdjoR3eudupaGZ0XVB60oB

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  dd23459bd50aea348a725534cbc13a2e_JaffaCakes118
- Size
  
  92KB
- MD5
  
  dd23459bd50aea348a725534cbc13a2e
- SHA1
  
  c1e2f8c9bd591fc1b623ae62c51ce03919aa7b84
- SHA256
  
  d9187a7e966ab3ee5b0d9bbfb1b23467e9d8e11a42f28a436c10eccd46c0eb56
- SHA512
  
  2b9ecb903b3342ec6c961030caca77f83ef8441514706d7babd6ef6566b59625d9874f00b7b8d3720d5e4b96fde7b0ee2f5e852465175566acad708fa4c71643
- SSDEEP
  
  1536:IUkwKTdjQ913RJ9TeKfZXntgpUkZUCPrtz0ZW+bVBZrYV0oBe:FKTdjoR3eudupaGZ0XVB60oB
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation