Overview

overview

8

Static

static

3

17e5eaa69d...18.exe

windows7-x64

17e5eaa69d...18.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    17e5eaa69db236272026867fbcea6017_JaffaCakes118

  • Size

    79KB

  • Sample

    240627-28kbpaxdrc

  • MD5

    17e5eaa69db236272026867fbcea6017

  • SHA1

    0c6383574209581775af2ae5e05dfe1a1046fc55

  • SHA256

    69e07860758f204d55930b1ab6d451e8260769b579cf2bfa4d75576aac87054e

  • SHA512

    7041b5561cf8dfa75faa29a8ba9481da90fa2cdf94a2b02e136a48f99ed9c8cee7ff31fecdedf649a5124e88e75ef8846383045a4849422fb13a59736e3293c3

  • SSDEEP

    1536:641eLm5c1OW4eVLiUaR6H9Jd9pn140GOUBStMPPonJlIK:eIW4eVeUdxpn1rZASSPPonJlIK

Score
8/10
persistenceprivilege_escalation

Malware Config

Targets

    • Target

      17e5eaa69db236272026867fbcea6017_JaffaCakes118

    • Size

      79KB

    • MD5

      17e5eaa69db236272026867fbcea6017

    • SHA1

      0c6383574209581775af2ae5e05dfe1a1046fc55

    • SHA256

      69e07860758f204d55930b1ab6d451e8260769b579cf2bfa4d75576aac87054e

    • SHA512

      7041b5561cf8dfa75faa29a8ba9481da90fa2cdf94a2b02e136a48f99ed9c8cee7ff31fecdedf649a5124e88e75ef8846383045a4849422fb13a59736e3293c3

    • SSDEEP

      1536:641eLm5c1OW4eVLiUaR6H9Jd9pn140GOUBStMPPonJlIK:eIW4eVeUdxpn1rZASSPPonJlIK

    Score
    8/10
    persistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks