General

  • Target

    0575cffe89bee2a7e57d5c2ad4031f76_JaffaCakes118

  • Size

    13KB

  • Sample

    240620-naj2dayclq

  • MD5

    0575cffe89bee2a7e57d5c2ad4031f76

  • SHA1

    fccd6f080b436b48044182695fd175b00b91597c

  • SHA256

    d977c1b3b732b8c976bd1db2d09aab746417b4e4e922b5f62510e0553d68946a

  • SHA512

    50b1ac1c04f16665055752f56ec236c93f421562c53d05f7294a65d1ef56edc1ce78b5299a2881673796c8d36807e3b8f8e47c1670d4dbb788f36e87a3064ee2

  • SSDEEP

    192:OLb9NnAAL3fGlaNi/akJ7QTCEXSoBKeXYpK4y58Kb9CuGQNFqDsQTpbIg:Of9NAC3Ni/1DayK9CurPUTKg

Targets

    • Target

      0575cffe89bee2a7e57d5c2ad4031f76_JaffaCakes118

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
