Overview

overview

8

Static

static

3

6966716f37...18.exe

windows7-x64

6966716f37...18.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    6966716f379232d2444a224462e67fdb_JaffaCakes118

  • Size

    100KB

  • Sample

    240723-3hsqtaybkc

  • MD5

    6966716f379232d2444a224462e67fdb

  • SHA1

    aab90f4868337b62161764f136356e14a253e528

  • SHA256

    d8293f9f59ec101b1e74382c75c86e33c6372fcb451259976b14aa1ec0311de3

  • SHA512

    ba40e3b16b01727d76a836eb55cba280b3a202d6c2b51518053799af415e89a2acd34cb573f3fa25d6d0b8b33aaca5bc248ff76203eed94175929a05e795246b

  • SSDEEP

    3072:CmXNlhYakqEjyBrqMBdFE9x0YPLgo47Y:PPhYa5EtMBdW9NI7Y

Score
8/10
discoverypersistenceprivilege_escalation

Malware Config

Targets

    • Target

      6966716f379232d2444a224462e67fdb_JaffaCakes118

    • Size

      100KB

    • MD5

      6966716f379232d2444a224462e67fdb

    • SHA1

      aab90f4868337b62161764f136356e14a253e528

    • SHA256

      d8293f9f59ec101b1e74382c75c86e33c6372fcb451259976b14aa1ec0311de3

    • SHA512

      ba40e3b16b01727d76a836eb55cba280b3a202d6c2b51518053799af415e89a2acd34cb573f3fa25d6d0b8b33aaca5bc248ff76203eed94175929a05e795246b

    • SSDEEP

      3072:CmXNlhYakqEjyBrqMBdFE9x0YPLgo47Y:PPhYa5EtMBdW9NI7Y

    Score
    8/10
    discoverypersistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks