General

  • Target

    0d3025d012f69930c92069d77491e639_JaffaCakes118

  • Size

    14KB

  • Sample

    240625-h6vvvszbjr

  • MD5

    0d3025d012f69930c92069d77491e639

  • SHA1

    8c252eb947bd85711b058851cdff718dcea5af44

  • SHA256

    c9115c228972467f37903e990f1e3cd0a7b5cdec1e17510ec45e9e07c4264bd1

  • SHA512

    953b4f0d724e007f2cdf62268f11f8a66e8a4bc89ef1cb3469075bdac3763220ec914c782308e1ba8956da454676510bb9b8839db3fe49c052bbae2dd0c1cfc4

  • SSDEEP

    384:2NZPH9wVU2VC7SEB/DkYozRXWEAj4UhtM68YR:2NZlKVKB/QzRGbj

Targets

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15