Overview

overview

8

Static

static

3

786912939a...18.exe

windows7-x64

786912939a...18.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    786912939a190b70a617de5ec8391df9_JaffaCakes118

  • Size

    100KB

  • Sample

    240727-raj8xsseml

  • MD5

    786912939a190b70a617de5ec8391df9

  • SHA1

    5af846733c92e567ed3a26cc5a832de1bfdb593e

  • SHA256

    222490afd40b1296c93a2d590014d4ec76f14acb2f14d671ee520a296fb7c02f

  • SHA512

    cdc56664930a383ca4bb73886700adc246e2d00da07b82dca1626f57a170a6cf8654595b5c72d170a5b71b9172655331dddbe5a127d2c0551ca75dae1c86cbf9

  • SSDEEP

    3072:J5fAc7AxEhe+dNA9KtlRP539xQSYuTSnohJlId:PB8x4RlRpzdPId

Score
8/10
discoverypersistenceprivilege_escalation

Malware Config

Targets

    • Target

      786912939a190b70a617de5ec8391df9_JaffaCakes118

    • Size

      100KB

    • MD5

      786912939a190b70a617de5ec8391df9

    • SHA1

      5af846733c92e567ed3a26cc5a832de1bfdb593e

    • SHA256

      222490afd40b1296c93a2d590014d4ec76f14acb2f14d671ee520a296fb7c02f

    • SHA512

      cdc56664930a383ca4bb73886700adc246e2d00da07b82dca1626f57a170a6cf8654595b5c72d170a5b71b9172655331dddbe5a127d2c0551ca75dae1c86cbf9

    • SSDEEP

      3072:J5fAc7AxEhe+dNA9KtlRP539xQSYuTSnohJlId:PB8x4RlRpzdPId

    Score
    8/10
    discoverypersistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks