General

  • Target

    05990453568accde954c1f3b1c19a9e8_JaffaCakes118

  • Size

    16KB

  • Sample

    240620-nm1jwsyhpk

  • MD5

    05990453568accde954c1f3b1c19a9e8

  • SHA1

    c09cacf53b140f10821cc64428a6108c2bc67ad0

  • SHA256

    826945495608ff2d0a5355e167f86242f63c835d22138bb344cba64be8777621

  • SHA512

    2cf1fd29f9547fd1a7be6ce2e0326f9b35c5c79367eae9d9b146c288e95d299805fab53527a19859b75d218f08f7ed1df22c06a0be34baaab26bf1fa9f664487

  • SSDEEP

    384:x8+2e/bNZ+JcCn94qAVi7RnF9H0YnFhy4NpywZH:fP/pZ+JcC94qAMFnF9HNnptd

Malware Config

Targets

    • Target

      05990453568accde954c1f3b1c19a9e8_JaffaCakes118

    • Drops file in Drivers directory

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Deletes itself

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks