85be1b60ff9f7d28b7ed758fe91a58dd33a3331fb097d67417490c1fd449e01e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

109531ec229c59ac93ee203b0ec99aa2_JaffaCakes118
Size

92KB
Sample

241003-1ff8wsxgjk
MD5

109531ec229c59ac93ee203b0ec99aa2
SHA1

387590148b9be5ae6532d6351f6baa9df98e27a5
SHA256

85be1b60ff9f7d28b7ed758fe91a58dd33a3331fb097d67417490c1fd449e01e
SHA512

8b88b8d745e379416bd847f2cd1ed6a472b86e57faa99b7256ee326d47c1b22cfaf1fc25e623b1b42ace2fcf767e0b74fb500b62fdc1c96f0f8d662d2c434b10
SSDEEP

1536:PTruQF51uwPspuc+CvUdW+S2zd/3fJkpI3H67GAlqeTCQ1ioSJlIU:rrRZsp9+Cv0W+hp/CpIXAGEqe/ioSJlz

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  109531ec229c59ac93ee203b0ec99aa2_JaffaCakes118
- Size
  
  92KB
- MD5
  
  109531ec229c59ac93ee203b0ec99aa2
- SHA1
  
  387590148b9be5ae6532d6351f6baa9df98e27a5
- SHA256
  
  85be1b60ff9f7d28b7ed758fe91a58dd33a3331fb097d67417490c1fd449e01e
- SHA512
  
  8b88b8d745e379416bd847f2cd1ed6a472b86e57faa99b7256ee326d47c1b22cfaf1fc25e623b1b42ace2fcf767e0b74fb500b62fdc1c96f0f8d662d2c434b10
- SSDEEP
  
  1536:PTruQF51uwPspuc+CvUdW+S2zd/3fJkpI3H67GAlqeTCQ1ioSJlIU:rrRZsp9+Cv0W+hp/CpIXAGEqe/ioSJlz
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation