55625f7cadfdf94ef7bbfd68419e1876817123f11fd85cf5f445e602f9f0d738 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f16b1632cc528a22f3ec411df7be10b_JaffaCakes118
Size

84KB
Sample

241003-rjfxvssgmd
MD5

0f16b1632cc528a22f3ec411df7be10b
SHA1

f1822dfc6705216d981b896ba6153584a6bf8d4f
SHA256

55625f7cadfdf94ef7bbfd68419e1876817123f11fd85cf5f445e602f9f0d738
SHA512

b104503983fbeaa2871a4ff5e3ab595fbbe042a706627b50290743ce43f60e7aa1d5eab19a294937ab39d8dabb6ba4fdbf822bf2054e7a1c89b8229b2898eb0c
SSDEEP

1536:Hks5ycFYCTERZLiJ1yn65NcOdBZOebzbrZicxPtKJjKYgTkPpFGLo:Es5nFYCo/ien6TJBZOQLsJKCALo

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  0f16b1632cc528a22f3ec411df7be10b_JaffaCakes118
- Size
  
  84KB
- MD5
  
  0f16b1632cc528a22f3ec411df7be10b
- SHA1
  
  f1822dfc6705216d981b896ba6153584a6bf8d4f
- SHA256
  
  55625f7cadfdf94ef7bbfd68419e1876817123f11fd85cf5f445e602f9f0d738
- SHA512
  
  b104503983fbeaa2871a4ff5e3ab595fbbe042a706627b50290743ce43f60e7aa1d5eab19a294937ab39d8dabb6ba4fdbf822bf2054e7a1c89b8229b2898eb0c
- SSDEEP
  
  1536:Hks5ycFYCTERZLiJ1yn65NcOdBZOebzbrZicxPtKJjKYgTkPpFGLo:Es5nFYCo/ien6TJBZOQLsJKCALo
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation