ddcd2b31920a5e95e234d45b5c7e7daec4c5f0d635b3846f42ea97672c7a9c4e | Triage

Sharing

General

Target

f660b2f072b7d113d9875304793572c3_JaffaCakes118
Size

104KB
Sample

240925-tmhxqsxgjf
MD5

f660b2f072b7d113d9875304793572c3
SHA1

d978800938b77f6d219c332052cf84f735015620
SHA256

ddcd2b31920a5e95e234d45b5c7e7daec4c5f0d635b3846f42ea97672c7a9c4e
SHA512

914dc5ac48984b7631329e40a861c512e2fe958c0b6243d8ce0adf8d79bad6df1eb6afdfa34552652788c18f94afdd9c3e1a499feaa4383c74ec83b7eb6f4e8f
SSDEEP

3072:XKDJidXBl5HpCfA05/ZcUDsrLoPebBgyoD0:6DIdXBl5JCfA0vcUAA+qG

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  f660b2f072b7d113d9875304793572c3_JaffaCakes118
- Size
  
  104KB
- MD5
  
  f660b2f072b7d113d9875304793572c3
- SHA1
  
  d978800938b77f6d219c332052cf84f735015620
- SHA256
  
  ddcd2b31920a5e95e234d45b5c7e7daec4c5f0d635b3846f42ea97672c7a9c4e
- SHA512
  
  914dc5ac48984b7631329e40a861c512e2fe958c0b6243d8ce0adf8d79bad6df1eb6afdfa34552652788c18f94afdd9c3e1a499feaa4383c74ec83b7eb6f4e8f
- SSDEEP
  
  3072:XKDJidXBl5HpCfA05/ZcUDsrLoPebBgyoD0:6DIdXBl5JCfA0vcUAA+qG
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation