11eb6c5eb42f8461b3df25d268fc4ed11eadf20c1b4cd519b0040b047453a7c1 | Triage

Sharing

General

Target

25df331b6280e9e520493b82eec20100_JaffaCakes118
Size

345KB
Sample

241008-1kv8lszbjk
MD5

25df331b6280e9e520493b82eec20100
SHA1

2b73d1395be8053137caa75a5141593878232bf9
SHA256

11eb6c5eb42f8461b3df25d268fc4ed11eadf20c1b4cd519b0040b047453a7c1
SHA512

e9cba56b80f317a82d34b62fa1fdcd060edfa1f332abfbe19080026df69747ca7ec1b63ae438ac8eb95974c92c558734c8d707ec6f5203e384517ef85ae739e9
SSDEEP

6144:IiV3M7tydyE7ztsY4yTr8bjeJwj2EItHp4Pl6yzh0H0xH9NDDOfHvAh:Iu3URWtsYf8PemjE8h0UxH9ND6fvk

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  25df331b6280e9e520493b82eec20100_JaffaCakes118
- Size
  
  345KB
- MD5
  
  25df331b6280e9e520493b82eec20100
- SHA1
  
  2b73d1395be8053137caa75a5141593878232bf9
- SHA256
  
  11eb6c5eb42f8461b3df25d268fc4ed11eadf20c1b4cd519b0040b047453a7c1
- SHA512
  
  e9cba56b80f317a82d34b62fa1fdcd060edfa1f332abfbe19080026df69747ca7ec1b63ae438ac8eb95974c92c558734c8d707ec6f5203e384517ef85ae739e9
- SSDEEP
  
  6144:IiV3M7tydyE7ztsY4yTr8bjeJwj2EItHp4Pl6yzh0H0xH9NDDOfHvAh:Iu3URWtsYf8PemjE8h0UxH9ND6fvk
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation