b1e9c422863ee024d463cfe20b56b0f552f078e7da47b9ec15f29d018565228e | Triage

Sharing

General

Target

f50af39abda4e806be593490c2551419_JaffaCakes118
Size

38KB
Sample

240925-dn9h3s1gnk
MD5

f50af39abda4e806be593490c2551419
SHA1

fffe548b575dfbbb2205383c4937a99d6d0035df
SHA256

b1e9c422863ee024d463cfe20b56b0f552f078e7da47b9ec15f29d018565228e
SHA512

96be344e788dde96be700e7b8eeb01a4d8c6686379f3134a5a83ee26de0ed22ece8a8e37ca10973d35574730ef123451c68107e2aea717b82d999253b457b51e
SSDEEP

768:yCAmdkQhC8prhRsIRHpM8riCUZKJOn/mEnJyoCh:yCAmJnNRsIhpM8wJn/Lyxh

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  f50af39abda4e806be593490c2551419_JaffaCakes118
- Size
  
  38KB
- MD5
  
  f50af39abda4e806be593490c2551419
- SHA1
  
  fffe548b575dfbbb2205383c4937a99d6d0035df
- SHA256
  
  b1e9c422863ee024d463cfe20b56b0f552f078e7da47b9ec15f29d018565228e
- SHA512
  
  96be344e788dde96be700e7b8eeb01a4d8c6686379f3134a5a83ee26de0ed22ece8a8e37ca10973d35574730ef123451c68107e2aea717b82d999253b457b51e
- SSDEEP
  
  768:yCAmdkQhC8prhRsIRHpM8riCUZKJOn/mEnJyoCh:yCAmJnNRsIhpM8wJn/Lyxh
Score

8^/10

persistence privilege_escalation discovery
- Event Triggered Execution: AppCert DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppCert DLLs loaded into processes.
  persistence privilege_escalation
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppCert DLLs

Privilege Escalation

Event Triggered Execution

AppCert DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation