Overview

overview

8

Static

static

3

2a4d853e22...18.exe

windows7-x64

2a4d853e22...18.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2a4d853e22eaa7e213be3eacab79671a_JaffaCakes118

  • Size

    104KB

  • Sample

    240708-ajqzdstalm

  • MD5

    2a4d853e22eaa7e213be3eacab79671a

  • SHA1

    2297c9ca7ec30cfdee896d9d0f5d18215c0daa1f

  • SHA256

    b3b36185c18b2cd6f74c286770202979e06f61ba7a6f045211f3220f641699b4

  • SHA512

    b7d06a9a0f4ffddc67ca43f516b4da672e2707a4f2c2d6d388e08aba4d9c8a6a44d987ceee890779eb53e818401a8869ca08369c01f956a1720ab5c691d1a04a

  • SSDEEP

    1536:KTysm2NzBWpIyFoe/vuf1Xf0na7drRfwBLmax/m7c9ceu+nBgyoDPj6mQ:KTyshBWpGXMwdrRHQ/2DebBgyoD0

Score
8/10
persistenceprivilege_escalation

Malware Config

Targets

    • Target

      2a4d853e22eaa7e213be3eacab79671a_JaffaCakes118

    • Size

      104KB

    • MD5

      2a4d853e22eaa7e213be3eacab79671a

    • SHA1

      2297c9ca7ec30cfdee896d9d0f5d18215c0daa1f

    • SHA256

      b3b36185c18b2cd6f74c286770202979e06f61ba7a6f045211f3220f641699b4

    • SHA512

      b7d06a9a0f4ffddc67ca43f516b4da672e2707a4f2c2d6d388e08aba4d9c8a6a44d987ceee890779eb53e818401a8869ca08369c01f956a1720ab5c691d1a04a

    • SSDEEP

      1536:KTysm2NzBWpIyFoe/vuf1Xf0na7drRfwBLmax/m7c9ceu+nBgyoDPj6mQ:KTyshBWpGXMwdrRHQ/2DebBgyoD0

    Score
    8/10
    persistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks