Overview

overview

8

Static

static

3

29bd2e981b...18.exe

windows7-x64

29bd2e981b...18.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    29bd2e981b6eb074ff3e2b7f747d713d_JaffaCakes118

  • Size

    92KB

  • Sample

    240707-fc3bqstgkk

  • MD5

    29bd2e981b6eb074ff3e2b7f747d713d

  • SHA1

    544d31d9d4ac8c4f6d1f1d4527641ee5c99a8515

  • SHA256

    ab385f0c34b25bda205b8721da7743a45506af352c7d2a0cbe193204ed0ad304

  • SHA512

    aa83db06bb78c61d1f720327090c215b9e686039562d55cd36d8166dd574117005400a11850d8d91f0f6f32cace8b164ff270abdf2df4a2f70a5e8dadca3ca6e

  • SSDEEP

    1536:RpVJ645ZSR0heWLC9QjOiphaFnkE+wSVoxgWwk6asqX2iQfE2CEIVqOj8FIGoCJF:RpVJj5Z60EWLqipOk8/Uk6UhQc2eqOzO

Score
8/10
persistenceprivilege_escalation

Malware Config

Targets

    • Target

      29bd2e981b6eb074ff3e2b7f747d713d_JaffaCakes118

    • Size

      92KB

    • MD5

      29bd2e981b6eb074ff3e2b7f747d713d

    • SHA1

      544d31d9d4ac8c4f6d1f1d4527641ee5c99a8515

    • SHA256

      ab385f0c34b25bda205b8721da7743a45506af352c7d2a0cbe193204ed0ad304

    • SHA512

      aa83db06bb78c61d1f720327090c215b9e686039562d55cd36d8166dd574117005400a11850d8d91f0f6f32cace8b164ff270abdf2df4a2f70a5e8dadca3ca6e

    • SSDEEP

      1536:RpVJ645ZSR0heWLC9QjOiphaFnkE+wSVoxgWwk6asqX2iQfE2CEIVqOj8FIGoCJF:RpVJj5Z60EWLqipOk8/Uk6UhQc2eqOzO

    Score
    8/10
    persistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks