Overview

overview

8

Static

static

3

865a4f32d1...18.exe

windows7-x64

865a4f32d1...18.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    865a4f32d13b768146c02a48835cd87d_JaffaCakes118

  • Size

    100KB

  • Sample

    240810-rewshssfjr

  • MD5

    865a4f32d13b768146c02a48835cd87d

  • SHA1

    3b235ef82c21133f7d3940fe54fd7476ac041658

  • SHA256

    bb20991be2b1b76a3b2e03d2d358d08f5a51061d399823f0d9b5cae0235429ea

  • SHA512

    24eec63bfa20d05ab7d5e2dc2f92d6fb21eeea4a41d3be1a56c996ef113297ac611b9a74f209038141d32a4eff9ca7e2081093750a13459d6fef42eb55d8c538

  • SSDEEP

    3072:AT5VHqgvpZksyouJcz0Mn819uTSnohJlId:AXpkxowcz0Mn81sPId

Score
8/10
discoverypersistenceprivilege_escalation

Malware Config

Targets

    • Target

      865a4f32d13b768146c02a48835cd87d_JaffaCakes118

    • Size

      100KB

    • MD5

      865a4f32d13b768146c02a48835cd87d

    • SHA1

      3b235ef82c21133f7d3940fe54fd7476ac041658

    • SHA256

      bb20991be2b1b76a3b2e03d2d358d08f5a51061d399823f0d9b5cae0235429ea

    • SHA512

      24eec63bfa20d05ab7d5e2dc2f92d6fb21eeea4a41d3be1a56c996ef113297ac611b9a74f209038141d32a4eff9ca7e2081093750a13459d6fef42eb55d8c538

    • SSDEEP

      3072:AT5VHqgvpZksyouJcz0Mn819uTSnohJlId:AXpkxowcz0Mn81sPId

    Score
    8/10
    discoverypersistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks