Overview

overview

8

Static

static

3

6f5ab91567...18.exe

windows7-x64

6f5ab91567...18.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    6f5ab915672767a7ca232e5317f048fc_JaffaCakes118

  • Size

    92KB

  • Sample

    240725-nfdfsayeld

  • MD5

    6f5ab915672767a7ca232e5317f048fc

  • SHA1

    8a8da6a078f68c8dab1af7689661e8e90c86e04a

  • SHA256

    4472df4ea66d85bb4df818704f73cff3c947ca2953542c544b45e17610ba3d06

  • SHA512

    6b2f148a06c0ce92a150e2a5e1726f71d08e72fe348486cc458ef5a0d5e6c82ff351c71e910ee9d6183135412379095588f1936b5bc1d954ef6d74a87a421706

  • SSDEEP

    1536:9Pckckk+v8gBqwpWTGXaf6ffyh2Y8ASpgtlEBiy2rec4LipOTYhcPAlqeTCQ1ios:JRclZgQuWTGXaf6yh2Y8NEfdePEqe/in

Score
8/10
discoverypersistenceprivilege_escalation

Malware Config

Targets

    • Target

      6f5ab915672767a7ca232e5317f048fc_JaffaCakes118

    • Size

      92KB

    • MD5

      6f5ab915672767a7ca232e5317f048fc

    • SHA1

      8a8da6a078f68c8dab1af7689661e8e90c86e04a

    • SHA256

      4472df4ea66d85bb4df818704f73cff3c947ca2953542c544b45e17610ba3d06

    • SHA512

      6b2f148a06c0ce92a150e2a5e1726f71d08e72fe348486cc458ef5a0d5e6c82ff351c71e910ee9d6183135412379095588f1936b5bc1d954ef6d74a87a421706

    • SSDEEP

      1536:9Pckckk+v8gBqwpWTGXaf6ffyh2Y8ASpgtlEBiy2rec4LipOTYhcPAlqeTCQ1ios:JRclZgQuWTGXaf6yh2Y8NEfdePEqe/in

    Score
    8/10
    discoverypersistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks