Overview

overview

8

Static

static

3

283f0561d9...18.exe

windows7-x64

8

283f0561d9...18.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    283f0561d9b517ff0aa2b1d40116f17c_JaffaCakes118

  • Size

    44KB

  • Sample

    240706-mn6lvsweqq

  • MD5

    283f0561d9b517ff0aa2b1d40116f17c

  • SHA1

    d6f90a54433bdd3900b593d580c5d0004dd007c4

  • SHA256

    ca271a5021ed5e193503231b39a2927ad5d172fa29d213f18b0f494efbeddd96

  • SHA512

    5533255c6b7034f8cc3fb313a3fec13f9ea0321a0e3a20aba9b50895135fc748294b8828ed2bacb2a2db728e6ea8e32980071a8d34893956e2656a5a044e7fe0

  • SSDEEP

    384:rqJsJ6KCiADKNDvnOiK37AhlxKmFQp7h6AaaoXMypct5mAahUk:rdJEVDKNjnOi4/tPaaoXTat5mnhUk

Score
8/10
persistenceprivilege_escalation

Malware Config

Targets

    • Target

      283f0561d9b517ff0aa2b1d40116f17c_JaffaCakes118

    • Size

      44KB

    • MD5

      283f0561d9b517ff0aa2b1d40116f17c

    • SHA1

      d6f90a54433bdd3900b593d580c5d0004dd007c4

    • SHA256

      ca271a5021ed5e193503231b39a2927ad5d172fa29d213f18b0f494efbeddd96

    • SHA512

      5533255c6b7034f8cc3fb313a3fec13f9ea0321a0e3a20aba9b50895135fc748294b8828ed2bacb2a2db728e6ea8e32980071a8d34893956e2656a5a044e7fe0

    • SSDEEP

      384:rqJsJ6KCiADKNDvnOiK37AhlxKmFQp7h6AaaoXMypct5mAahUk:rdJEVDKNjnOi4/tPaaoXTat5mnhUk

    Score
    8/10
    persistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks