Overview

overview

8

Static

static

3

a1ae5a892d...18.exe

windows7-x64

a1ae5a892d...18.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a1ae5a892d91c55f8b873b45011c40b7_JaffaCakes118

  • Size

    104KB

  • Sample

    240817-jc74rsxemn

  • MD5

    a1ae5a892d91c55f8b873b45011c40b7

  • SHA1

    6daa4f85f3db2e87802ae7028eaa907edd43744b

  • SHA256

    38f03686adb0e145cfbfd4631d6d487b178b3aab3925083b70df3eace3741287

  • SHA512

    e5f27345b58b95ab2271c60b7a7f620f63be379624914114f97b8b72b668b9320992d5e16db3e1acf76640bb4cf218c6586fe3fe465ae78cc69958b7ce3adbaa

  • SSDEEP

    3072:YqlQm7IzyphGn13bE85j7nflDSdJizu6cXzyoe:OznnV1XndmTiLcjQ

Score
8/10
discoverypersistenceprivilege_escalation

Malware Config

Targets

    • Target

      a1ae5a892d91c55f8b873b45011c40b7_JaffaCakes118

    • Size

      104KB

    • MD5

      a1ae5a892d91c55f8b873b45011c40b7

    • SHA1

      6daa4f85f3db2e87802ae7028eaa907edd43744b

    • SHA256

      38f03686adb0e145cfbfd4631d6d487b178b3aab3925083b70df3eace3741287

    • SHA512

      e5f27345b58b95ab2271c60b7a7f620f63be379624914114f97b8b72b668b9320992d5e16db3e1acf76640bb4cf218c6586fe3fe465ae78cc69958b7ce3adbaa

    • SSDEEP

      3072:YqlQm7IzyphGn13bE85j7nflDSdJizu6cXzyoe:OznnV1XndmTiLcjQ

    Score
    8/10
    discoverypersistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks