Overview

overview

8

Static

static

3

254e1228b3...18.exe

windows7-x64

8

254e1228b3...18.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    254e1228b306da930f1af941282d8a3d_JaffaCakes118

  • Size

    41KB

  • Sample

    240704-kkb7qssfll

  • MD5

    254e1228b306da930f1af941282d8a3d

  • SHA1

    d414abe8206e496e8490607ccbfb544b820d663f

  • SHA256

    6fc2e7e010cae84040b3c3bf3dfa4adb97ebb1b3bc9bae20cfa42cee81367c1a

  • SHA512

    7088816d0d8f027391998767b30558a869da1567e65fffb4e0b7fdbb49d04b1e37f335dbab0ab4969ac3b78077c67bb548c0f6b5bc9ead8b11222577b8c9271c

  • SSDEEP

    768:cpGhvOoZCjoZmJq5edTC857gKWpk32qsBKDaLWCzEoV68KL/cAoMdDTOf:cghVZCcZmJq5edTC857gK2k32qsBmaLJ

Score
8/10
persistenceprivilege_escalation

Malware Config

Targets

    • Target

      254e1228b306da930f1af941282d8a3d_JaffaCakes118

    • Size

      41KB

    • MD5

      254e1228b306da930f1af941282d8a3d

    • SHA1

      d414abe8206e496e8490607ccbfb544b820d663f

    • SHA256

      6fc2e7e010cae84040b3c3bf3dfa4adb97ebb1b3bc9bae20cfa42cee81367c1a

    • SHA512

      7088816d0d8f027391998767b30558a869da1567e65fffb4e0b7fdbb49d04b1e37f335dbab0ab4969ac3b78077c67bb548c0f6b5bc9ead8b11222577b8c9271c

    • SSDEEP

      768:cpGhvOoZCjoZmJq5edTC857gKWpk32qsBKDaLWCzEoV68KL/cAoMdDTOf:cghVZCcZmJq5edTC857gK2k32qsBmaLJ

    Score
    8/10
    persistenceprivilege_escalation

    • Event Triggered Execution: AppCert DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppCert DLLs loaded into processes.

      persistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks