13031bcabf01e57c3982cc0a20752ad2fb23c13c9b8bdf08de98b59f3f330c07 | Triage

Sharing

General

Target

f649f7143d919bfbc3ab9f20f80834bf_JaffaCakes118
Size

250KB
Sample

240925-sngwdswake
MD5

f649f7143d919bfbc3ab9f20f80834bf
SHA1

a2393d80d2efd58df5274d119531472613e5db64
SHA256

13031bcabf01e57c3982cc0a20752ad2fb23c13c9b8bdf08de98b59f3f330c07
SHA512

e1b7547969fa2be2bfcfb45d281de375119cb7f9215bea49c5c228ea42e9ad2f924de6a9987d5adb822551165d411c9ae763232df598b9dcb9dabd162904b62a
SSDEEP

6144:/r72S8iPKc/27KjT/ZwnNBTVOTBBUy3wqqwkMsF:j72+Kc/XjT6jGAqqz

Score

7^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  f649f7143d919bfbc3ab9f20f80834bf_JaffaCakes118
- Size
  
  250KB
- MD5
  
  f649f7143d919bfbc3ab9f20f80834bf
- SHA1
  
  a2393d80d2efd58df5274d119531472613e5db64
- SHA256
  
  13031bcabf01e57c3982cc0a20752ad2fb23c13c9b8bdf08de98b59f3f330c07
- SHA512
  
  e1b7547969fa2be2bfcfb45d281de375119cb7f9215bea49c5c228ea42e9ad2f924de6a9987d5adb822551165d411c9ae763232df598b9dcb9dabd162904b62a
- SSDEEP
  
  6144:/r72S8iPKc/27KjT/ZwnNBTVOTBBUy3wqqwkMsF:j72+Kc/XjT6jGAqqz
Score

7^/10

persistence privilege_escalation
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation