e39512ce385cf8eca1174c0b92d7424fd5a9a5d89603cdf8908371fc4db3ceb0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f5090709bd45f08b0b983f8a1acd4e8d_JaffaCakes118
Size

100KB
Sample

240925-dlsgsavbkb
MD5

f5090709bd45f08b0b983f8a1acd4e8d
SHA1

0c2719a2afb30927dd048231c7aff6a817fbcb37
SHA256

e39512ce385cf8eca1174c0b92d7424fd5a9a5d89603cdf8908371fc4db3ceb0
SHA512

9fef2b669038348d3a4854fdb25dd837d2a799325ee5928dfacf6c42aa0f8ffee94f89a7d2f9d658f8eddbdcb685a041f2f464faac41eff56e9e297e6cd11bef
SSDEEP

3072:+Qr57GqHhGYz7p8mcO53/7c3lQOx0YPLgo47Y:3t7Hhfpvc03/yQONI7Y

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  f5090709bd45f08b0b983f8a1acd4e8d_JaffaCakes118
- Size
  
  100KB
- MD5
  
  f5090709bd45f08b0b983f8a1acd4e8d
- SHA1
  
  0c2719a2afb30927dd048231c7aff6a817fbcb37
- SHA256
  
  e39512ce385cf8eca1174c0b92d7424fd5a9a5d89603cdf8908371fc4db3ceb0
- SHA512
  
  9fef2b669038348d3a4854fdb25dd837d2a799325ee5928dfacf6c42aa0f8ffee94f89a7d2f9d658f8eddbdcb685a041f2f464faac41eff56e9e297e6cd11bef
- SSDEEP
  
  3072:+Qr57GqHhGYz7p8mcO53/7c3lQOx0YPLgo47Y:3t7Hhfpvc03/yQONI7Y
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation