d424742616b8994751a25313f5af59c5ce9143e8295170f68329f2411579bc19 | Triage

Sharing

General

Target

91373b901ca888ec00fd5e0eb44641a2_JaffaCakes118
Size

457KB
Sample

241123-271x2s1qbw
MD5

91373b901ca888ec00fd5e0eb44641a2
SHA1

73e76b9cf79f32c948968977005d6c274c5b2f2c
SHA256

d424742616b8994751a25313f5af59c5ce9143e8295170f68329f2411579bc19
SHA512

d1bc1461fb20c5d4e07b649ffc609671ee4b1b5c41c915fbdd9515f8d0336335a6c3c0d9d1c41ed211ea7f6339a7fbe48dc3621de75b51b9d7d4bf07701d1a10
SSDEEP

6144:1UJtzbToFfF6T2DGPx9lmbbJ/bGWtaGNFUyoSFOeOB7waZTKDISVtNFvV7nkc/4h:qGilmbVDUC+y8eOB7waU0wNvV7J/OX5

Score

8^/10

defense_evasion discovery exploit

Malware Config

Targets

- Target
  
  91373b901ca888ec00fd5e0eb44641a2_JaffaCakes118
- Size
  
  457KB
- MD5
  
  91373b901ca888ec00fd5e0eb44641a2
- SHA1
  
  73e76b9cf79f32c948968977005d6c274c5b2f2c
- SHA256
  
  d424742616b8994751a25313f5af59c5ce9143e8295170f68329f2411579bc19
- SHA512
  
  d1bc1461fb20c5d4e07b649ffc609671ee4b1b5c41c915fbdd9515f8d0336335a6c3c0d9d1c41ed211ea7f6339a7fbe48dc3621de75b51b9d7d4bf07701d1a10
- SSDEEP
  
  6144:1UJtzbToFfF6T2DGPx9lmbbJ/bGWtaGNFUyoSFOeOB7waZTKDISVtNFvV7nkc/4h:qGilmbVDUC+y8eOB7waU0wNvV7J/OX5
Score

8^/10

defense_evasion discovery exploit
- Possible privilege escalation attempt
  exploit
- Loads dropped DLL
- Modifies file permissions
  discovery
- File and Directory Permissions Modification: Windows File and Directory Permissions Modification
  defense_evasion
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Windows File and Directory Permissions Modification

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoveryexploit

behavioral2

defense_evasiondiscoveryexploit