General

  • Target

    64cd1f94cb4630da73c26eaa5aedc3cb_JaffaCakes118

  • Size

    12KB

  • Sample

    240722-zw2n4ayalc

  • MD5

    64cd1f94cb4630da73c26eaa5aedc3cb

  • SHA1

    bf0b36a7d095f119e3c5dd6ff63393f32a15f1ab

  • SHA256

    d1376c75d47ed2fc085f12612d1f543a115099c2f79f87236103187216a4ef93

  • SHA512

    7919bfc7209b5593d7cebe8194400fd41d6ed11b6499e8cd97857f4e6c199ed60a7058a44a14ee12ab35cb610391e523d81970484d8989f6cae1f0da785f5ec8

  • SSDEEP

    192:x7zDypqF9t20e6axQRDww2+ti7Csk7hJtB3KLWjmKIjFdJQyRTyy2es:x7A620eIg+aIDtSW/qFnQyRTKV

Targets

    • Target

      64cd1f94cb4630da73c26eaa5aedc3cb_JaffaCakes118

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
