General

  • Target

    4509f27074cb48741608c88daa17975d_JaffaCakes118

  • Size

    12KB

  • Sample

    240714-kb3nbswaka

  • MD5

    4509f27074cb48741608c88daa17975d

  • SHA1

    e945b8f36a514dd4bfcd483a27e3f4aa21a35a8c

  • SHA256

    4a30e6a329fef7153a78d95acf8a7b004278186608a3ac2c9d1818c0fe8e39d5

  • SHA512

    4ba73312ccb1a92ac35d05e11969768303e3821d8725fd4b9665cb98af52e811b3903d3751424a21cf515bfea1d5097ab2c1c1eadd3f5b7d76b0bd2dfc1658df

  • SSDEEP

    384:5X0D2z/Ga9gDmvwwIqw+bRv3nNsLR5oX5K:5kqCa9gDmJ4+Z9

Targets

    • Target

      4509f27074cb48741608c88daa17975d_JaffaCakes118

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
