Overview

overview

8

Static

static

3

4c6f1713fd...18.exe

windows7-x64

4c6f1713fd...18.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    4c6f1713fd4713695bce8b90f37d15b2_JaffaCakes118

  • Size

    124KB

  • Sample

    240716-cyvbgatdqc

  • MD5

    4c6f1713fd4713695bce8b90f37d15b2

  • SHA1

    3482f7f0c37e9bf051aaebfedae5d47a1b3f348e

  • SHA256

    4d2a5ea5653e9d244c49d35f8ea13d8a9cba4703c210e9a05994a607771283dd

  • SHA512

    40e21951ea16cad536c3e28d9653c41bf2e81bc97973764733c5d580b1f465e579aeca946be4b607f79db38f980a6a91736328f877df65d80fe87b8fdf0f9c02

  • SSDEEP

    1536:XRsCsju31wmp1EGKcokk1IO5b1L3BlDeliLFcHo5A4PXHuAkl5zCH:hsM31FfFW1IOF1LBl2iLiHo5LWAE5zY

Score
8/10
persistenceprivilege_escalation

Malware Config

Targets

    • Target

      4c6f1713fd4713695bce8b90f37d15b2_JaffaCakes118

    • Size

      124KB

    • MD5

      4c6f1713fd4713695bce8b90f37d15b2

    • SHA1

      3482f7f0c37e9bf051aaebfedae5d47a1b3f348e

    • SHA256

      4d2a5ea5653e9d244c49d35f8ea13d8a9cba4703c210e9a05994a607771283dd

    • SHA512

      40e21951ea16cad536c3e28d9653c41bf2e81bc97973764733c5d580b1f465e579aeca946be4b607f79db38f980a6a91736328f877df65d80fe87b8fdf0f9c02

    • SSDEEP

      1536:XRsCsju31wmp1EGKcokk1IO5b1L3BlDeliLFcHo5A4PXHuAkl5zCH:hsM31FfFW1IOF1LBl2iLiHo5LWAE5zY

    Score
    8/10
    persistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks