dcab5fe2b6aebb600c482f1a81aab5eda86623970c899098fc741e5a36681dac | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fb692e89c5a1a466245d24f24d654fac_JaffaCakes118
Size

100KB
Sample

240928-dzxcwsvbml
MD5

fb692e89c5a1a466245d24f24d654fac
SHA1

599c307b380549f197b9231193c6b572cb04fe3a
SHA256

dcab5fe2b6aebb600c482f1a81aab5eda86623970c899098fc741e5a36681dac
SHA512

28446dc2e8fdd6238ff6d57a9a493b9aae5743ef0ab95a66c8fe8d9859b16ca9e3c15db250ba04e54d1d841f407fc19ca98c6753577aea307dc6e8ea24963a32
SSDEEP

1536:ggFi+9cf+9N2jM82+MdW/r0FoleYzojDhH1MyDXLHoXSSSeSSS+y:g6NR2j+lW/r0FEgt17rLHof

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  fb692e89c5a1a466245d24f24d654fac_JaffaCakes118
- Size
  
  100KB
- MD5
  
  fb692e89c5a1a466245d24f24d654fac
- SHA1
  
  599c307b380549f197b9231193c6b572cb04fe3a
- SHA256
  
  dcab5fe2b6aebb600c482f1a81aab5eda86623970c899098fc741e5a36681dac
- SHA512
  
  28446dc2e8fdd6238ff6d57a9a493b9aae5743ef0ab95a66c8fe8d9859b16ca9e3c15db250ba04e54d1d841f407fc19ca98c6753577aea307dc6e8ea24963a32
- SSDEEP
  
  1536:ggFi+9cf+9N2jM82+MdW/r0FoleYzojDhH1MyDXLHoXSSSeSSS+y:g6NR2j+lW/r0FEgt17rLHof
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation