05c86d9d831edc73a13c83ad3b0d987084332eb2f9869faa8df1c1103d1547df | Triage

Sharing

General

Target

917d85b132132423ce41b17bd7ae6c2d_JaffaCakes118
Size

26KB
Sample

241124-ajydgatqas
MD5

917d85b132132423ce41b17bd7ae6c2d
SHA1

4638dfa4a8823a95e94efb44a4dd5a862adf8567
SHA256

05c86d9d831edc73a13c83ad3b0d987084332eb2f9869faa8df1c1103d1547df
SHA512

455b4c65a699f7f255a1b018fc2d44d9dcfd93224f628b2a9c4d5eb1c8f2223cf55d2236b0c4b748c6f0718985591f91ee4d3d7d3a42cdc0e7d07c20eb35e0ef
SSDEEP

384:VW8NWg2+2vDEo8R5v6Xbntgmfjf74TiM6p9WtWw1NVNc8uSvTJMzloRY4ONED9s+:172x82Hsi9uRJN9uQTJMzXdtzg

Score

8^/10

discovery exploit

Malware Config

Targets

- Target
  
  917d85b132132423ce41b17bd7ae6c2d_JaffaCakes118
- Size
  
  26KB
- MD5
  
  917d85b132132423ce41b17bd7ae6c2d
- SHA1
  
  4638dfa4a8823a95e94efb44a4dd5a862adf8567
- SHA256
  
  05c86d9d831edc73a13c83ad3b0d987084332eb2f9869faa8df1c1103d1547df
- SHA512
  
  455b4c65a699f7f255a1b018fc2d44d9dcfd93224f628b2a9c4d5eb1c8f2223cf55d2236b0c4b748c6f0718985591f91ee4d3d7d3a42cdc0e7d07c20eb35e0ef
- SSDEEP
  
  384:VW8NWg2+2vDEo8R5v6Xbntgmfjf74TiM6p9WtWw1NVNc8uSvTJMzloRY4ONED9s+:172x82Hsi9uRJN9uQTJMzXdtzg
Score

8^/10

discovery exploit
- Possible privilege escalation attempt
  exploit
- Deletes itself
- Loads dropped DLL
- Modifies file permissions
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexploit

behavioral2

discoveryexploit