General

  • Target

    76d48b5b6ced6348b83fea2e63a26d9a_JaffaCakes118

  • Size

    13KB

  • Sample

    240727-dmhnzatcjp

  • MD5

    76d48b5b6ced6348b83fea2e63a26d9a

  • SHA1

    5ba22a9694c4c3b57441ed1caf90af95ef9ac6d8

  • SHA256

    ebd9e3a3030f5640fba36a26e299f07fa655cf00820b84ae52c430f86c09ef11

  • SHA512

    64b116f8ab3c2d16d2f8f423c9ebe2517a603117ae7b744ad1727b183be634a3f7da8239a6e2c183b6b5edd99c4cbb4497a43c83301c6ab0162af244d45afe6e

  • SSDEEP

    384:F3Yn4kw4GuB8q8pjHz92AtYNYLDHw840Y:NY4qUq8R9DzLDHb40Y

Targets

    • Target

      76d48b5b6ced6348b83fea2e63a26d9a_JaffaCakes118

    • Size

      13KB

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
