aa3666fe6c3dafab85773cde8de5f62c67a3040d274ab3d029556b36a11ca6c7 | Triage

Sharing

General

Target

09be8b8a6e214a84ce329652b3a5c3e0_JaffaCakes118
Size

209KB
Sample

241002-j9rhaazeme
MD5

09be8b8a6e214a84ce329652b3a5c3e0
SHA1

dee1fed70617e055d2d802b5521cfa607e7fecfa
SHA256

aa3666fe6c3dafab85773cde8de5f62c67a3040d274ab3d029556b36a11ca6c7
SHA512

ffc9ad94ac83062a86692dd230fa53cefec4de586213832e7535c167e7ca442943699a1e2322922f387a2276c1e66ea6fc7e9a434509a4ed6f040c1dbbda100b
SSDEEP

3072:n4CgNgTsDAJJRjOmh4JUABuENeXkm6cANLFZhh2D+0caj3kyRAChmy:n4CgCJJnyyABu+QHANn9ozB

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  09be8b8a6e214a84ce329652b3a5c3e0_JaffaCakes118
- Size
  
  209KB
- MD5
  
  09be8b8a6e214a84ce329652b3a5c3e0
- SHA1
  
  dee1fed70617e055d2d802b5521cfa607e7fecfa
- SHA256
  
  aa3666fe6c3dafab85773cde8de5f62c67a3040d274ab3d029556b36a11ca6c7
- SHA512
  
  ffc9ad94ac83062a86692dd230fa53cefec4de586213832e7535c167e7ca442943699a1e2322922f387a2276c1e66ea6fc7e9a434509a4ed6f040c1dbbda100b
- SSDEEP
  
  3072:n4CgNgTsDAJJRjOmh4JUABuENeXkm6cANLFZhh2D+0caj3kyRAChmy:n4CgCJJnyyABu+QHANn9ozB
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation