4246ae0769abaf929a01026643ba1a9c3c8b7ce040f20e06e4c2490ae96d09cc | Triage

Submit
Reports

Overview

overview

8

Static

static

7

182aa3600b...18.exe

windows7-x64

8

182aa3600b...18.exe

windows10-2004-x64

8

Sharing

General

Target

182aa3600b2e2a2582cbdff590cc0efe_JaffaCakes118
Size

18KB
Sample

240628-a4msgatgql
MD5

182aa3600b2e2a2582cbdff590cc0efe
SHA1

e9c4faee3e83b3c565d302f0ac9984dbda7d0584
SHA256

4246ae0769abaf929a01026643ba1a9c3c8b7ce040f20e06e4c2490ae96d09cc
SHA512

7586764daf90a77e9a9832d5a202c65b3f52bd92d6924ec6a2061825b48929212a977a5723958edd66dcb4e015ee273a0a1847c6c87a5e673879e2faf1e0fe39
SSDEEP

384:wZEAjClLuN1Vng8SlPH21IxwmySHLd9c1/4Q:wyQClCLtkJHFxwm5AA

Score

8^/10

persistence privilege_escalation upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

182aa3600b2e2a2582cbdff590cc0efe_JaffaCakes118.exe

Resource

win7-20240611-en

persistence privilege_escalation upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

182aa3600b2e2a2582cbdff590cc0efe_JaffaCakes118.exe

Resource

win10v2004-20240508-en

persistence privilege_escalation upx

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  182aa3600b2e2a2582cbdff590cc0efe_JaffaCakes118
- Size
  
  18KB
- MD5
  
  182aa3600b2e2a2582cbdff590cc0efe
- SHA1
  
  e9c4faee3e83b3c565d302f0ac9984dbda7d0584
- SHA256
  
  4246ae0769abaf929a01026643ba1a9c3c8b7ce040f20e06e4c2490ae96d09cc
- SHA512
  
  7586764daf90a77e9a9832d5a202c65b3f52bd92d6924ec6a2061825b48929212a977a5723958edd66dcb4e015ee273a0a1847c6c87a5e673879e2faf1e0fe39
- SSDEEP
  
  384:wZEAjClLuN1Vng8SlPH21IxwmySHLd9c1/4Q:wyQClCLtkJHFxwm5AA
Score

8^/10

persistence privilege_escalation upx
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Deletes itself
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalationupx

behavioral2

persistenceprivilege_escalationupx

© 2018-2024

Terms | Privacy