General
-
Target
42abf96e15e971965cc4e4c88e6f7042_JaffaCakes118
-
Size
22KB
-
Sample
241014-rkjp5sygng
-
MD5
42abf96e15e971965cc4e4c88e6f7042
-
SHA1
92058ef5d6a050e1b798164d1dd434470daf57ed
-
SHA256
ab4c8cdca249b938ef93eef4781ff6192ab43693db44dec9ebc1f67a2c94c425
-
SHA512
dd42d42e64f1195b9a601badec39496fa4868ea3299ae2cf7db7698c8ed259dac860b8cce637800fbf187b3ca7e8b7fbba4e07e0cc1323af32d16a3d2896ee90
-
SSDEEP
384:XWiqsUAFyf/1Ypcii8DGWmFa8kCcpG5fpdYltymM2lMnoFS:XxgHipciiANmb1cpG5f4ltrM2lMnoFS
Malware Config
Targets
-
-
Target
42abf96e15e971965cc4e4c88e6f7042_JaffaCakes118
-
Size
22KB
-
MD5
42abf96e15e971965cc4e4c88e6f7042
-
SHA1
92058ef5d6a050e1b798164d1dd434470daf57ed
-
SHA256
ab4c8cdca249b938ef93eef4781ff6192ab43693db44dec9ebc1f67a2c94c425
-
SHA512
dd42d42e64f1195b9a601badec39496fa4868ea3299ae2cf7db7698c8ed259dac860b8cce637800fbf187b3ca7e8b7fbba4e07e0cc1323af32d16a3d2896ee90
-
SSDEEP
384:XWiqsUAFyf/1Ypcii8DGWmFa8kCcpG5fpdYltymM2lMnoFS:XxgHipciiANmb1cpG5f4ltrM2lMnoFS
Score8/10-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1AppInit DLLs
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1AppInit DLLs
1