General

  • Target

    77fa184cdd4378f8208bcc5b21d0d09b_JaffaCakes118

  • Size

    12KB

  • Sample

    240727-m7hn5sygpg

  • MD5

    77fa184cdd4378f8208bcc5b21d0d09b

  • SHA1

    a73264909a0ec535c7e951c57ea920fc6788f8b5

  • SHA256

    71d8d202206b566417643609d5f7aeda67d25f958679a4204f1cb87a263559be

  • SHA512

    03c0df709592c3159af0853edf36e2ba8d05ba7515876318aba3712b9b3d1cde91ac22f6ee36899d9ae856a73567a5c648843b73963c4005faa5a0e5d5bc4217

  • SSDEEP

    192:bJpJTqFxHECxNKSjXuCiCSIC4m/mBaswbDSN2gg36r2P8dnLIWuCTwRbbVMzjeWC:FmFNECbSIG/HswHi2gghknLulgjeWg9

Targets

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
