Overview

overview

8

Static

static

3

8ea9f2f444...18.exe

windows7-x64

8ea9f2f444...18.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    8ea9f2f4443cc0c21b9d5ae106618f47_JaffaCakes118

  • Size

    96KB

  • Sample

    240812-n62ajazfmn

  • MD5

    8ea9f2f4443cc0c21b9d5ae106618f47

  • SHA1

    7478ef2bc66b81e2ce9e3d89bd29ead0425e8e0d

  • SHA256

    165cb71c65fa42cb5114fcc6aa4c2099822b61d82a72310980e7a0b5bc1e912e

  • SHA512

    ac5be164de5297bd4d5a25da5deae0a81176f71276eaa1fbabaf8f7e134a622148fadc57de189ff1622dc17d09ec5b3b8e2e6c96534e690c663006e2e584604b

  • SSDEEP

    1536:ZtkHCoMf4AYPCZAoQ2/5A4BzlUA2m6S8z7zPWegL2sdmxo+:kHCVA767hAMlUTmVHD5Qxo+

Score
8/10
discoverypersistenceprivilege_escalation

Malware Config

Targets

    • Target

      8ea9f2f4443cc0c21b9d5ae106618f47_JaffaCakes118

    • Size

      96KB

    • MD5

      8ea9f2f4443cc0c21b9d5ae106618f47

    • SHA1

      7478ef2bc66b81e2ce9e3d89bd29ead0425e8e0d

    • SHA256

      165cb71c65fa42cb5114fcc6aa4c2099822b61d82a72310980e7a0b5bc1e912e

    • SHA512

      ac5be164de5297bd4d5a25da5deae0a81176f71276eaa1fbabaf8f7e134a622148fadc57de189ff1622dc17d09ec5b3b8e2e6c96534e690c663006e2e584604b

    • SSDEEP

      1536:ZtkHCoMf4AYPCZAoQ2/5A4BzlUA2m6S8z7zPWegL2sdmxo+:kHCVA767hAMlUTmVHD5Qxo+

    Score
    8/10
    discoverypersistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks