fe0f21318292137e556ade5e8f233b22aa9b5c2b116007abee96b3ca6e3cdd9d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e2279e1b2f81b2699e040d35d4614d69_JaffaCakes118
Size

92KB
Sample

240915-k8hpeswhnk
MD5

e2279e1b2f81b2699e040d35d4614d69
SHA1

e3eaa23ffb5811a65803bee2fe14e24e460bd394
SHA256

fe0f21318292137e556ade5e8f233b22aa9b5c2b116007abee96b3ca6e3cdd9d
SHA512

fcaa1e22f1f8f4dffda4c8ac988a867d212f0201fc0befc068e1afaf589fc9109c757169f3d92799d4ec80dfe2c9291e77c88939bc02d94e0fa4a2a5e35b22ab
SSDEEP

1536:ASHla7jYmtTcYkqFtJ69qTmJ3p64qb9qt4AWWhoxMWNLzMo:7QIYhh69qTmJRqbgt4xtxxlzMo

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  e2279e1b2f81b2699e040d35d4614d69_JaffaCakes118
- Size
  
  92KB
- MD5
  
  e2279e1b2f81b2699e040d35d4614d69
- SHA1
  
  e3eaa23ffb5811a65803bee2fe14e24e460bd394
- SHA256
  
  fe0f21318292137e556ade5e8f233b22aa9b5c2b116007abee96b3ca6e3cdd9d
- SHA512
  
  fcaa1e22f1f8f4dffda4c8ac988a867d212f0201fc0befc068e1afaf589fc9109c757169f3d92799d4ec80dfe2c9291e77c88939bc02d94e0fa4a2a5e35b22ab
- SSDEEP
  
  1536:ASHla7jYmtTcYkqFtJ69qTmJ3p64qb9qt4AWWhoxMWNLzMo:7QIYhh69qTmJRqbgt4xtxxlzMo
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation