Overview

overview

8

Static

static

3

888e6e65bc...18.exe

windows7-x64

888e6e65bc...18.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    888e6e65bc58133eede04ca07e4e3926_JaffaCakes118

  • Size

    100KB

  • Sample

    240811-cej2dszcmn

  • MD5

    888e6e65bc58133eede04ca07e4e3926

  • SHA1

    21da0d60a8f50e815a460616994b8f3d27d01897

  • SHA256

    ae5bf8606dfcf152c20338afd1a9cd33ea6b39cb86116c54b8e5e14ccfe10828

  • SHA512

    239aff7a03e135308eb3be8c010b22953a5b3b5c8951bdbc560731b6dc84c7d2dcccefdf5f5005f9f773969af6b99dc9b45252c99b988fd719cb4885cdab19ea

  • SSDEEP

    3072:yPk2d0UY8urgctXJ3lu8rlg2D1Bx0YPLgo47Y:Qa8uUOu+gkBNI7Y

Score
8/10
discoverypersistenceprivilege_escalation

Malware Config

Targets

    • Target

      888e6e65bc58133eede04ca07e4e3926_JaffaCakes118

    • Size

      100KB

    • MD5

      888e6e65bc58133eede04ca07e4e3926

    • SHA1

      21da0d60a8f50e815a460616994b8f3d27d01897

    • SHA256

      ae5bf8606dfcf152c20338afd1a9cd33ea6b39cb86116c54b8e5e14ccfe10828

    • SHA512

      239aff7a03e135308eb3be8c010b22953a5b3b5c8951bdbc560731b6dc84c7d2dcccefdf5f5005f9f773969af6b99dc9b45252c99b988fd719cb4885cdab19ea

    • SSDEEP

      3072:yPk2d0UY8urgctXJ3lu8rlg2D1Bx0YPLgo47Y:Qa8uUOu+gkBNI7Y

    Score
    8/10
    discoverypersistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks