Overview

overview

8

Static

static

3

a3a983c482...18.exe

windows7-x64

a3a983c482...18.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    a3a983c4827bbddb7a88a96e39b54aab_JaffaCakes118

  • Size

    92KB

  • Sample

    240817-w66h9azfmf

  • MD5

    a3a983c4827bbddb7a88a96e39b54aab

  • SHA1

    ad357c582c9f4e2ac38cbc5e2c55674de518bb5d

  • SHA256

    7a27f1ea5cf0c09d42fb89304de07df2f356c1123385a4eaa75a60fd6fa16fdf

  • SHA512

    d67a4e7897dcfb598f726e65d24fb2f2a3bb20b9fcdfc7dae86e7c3cccf941257dfbd395e3a88dcae764f90d010dc25742569029ae3b34e704e925d47b258e6d

  • SSDEEP

    1536:Muyv2iXcuFYTX1RIRTwf01lzaGknm8mKDT+oXVnYqtkVqOj8FIGoCJlIU:MFv2isFTsNs0NAm9KDD2CQqOzGoCJlIU

Score
8/10
discoverypersistenceprivilege_escalation

Malware Config

Targets

    • Target

      a3a983c4827bbddb7a88a96e39b54aab_JaffaCakes118

    • Size

      92KB

    • MD5

      a3a983c4827bbddb7a88a96e39b54aab

    • SHA1

      ad357c582c9f4e2ac38cbc5e2c55674de518bb5d

    • SHA256

      7a27f1ea5cf0c09d42fb89304de07df2f356c1123385a4eaa75a60fd6fa16fdf

    • SHA512

      d67a4e7897dcfb598f726e65d24fb2f2a3bb20b9fcdfc7dae86e7c3cccf941257dfbd395e3a88dcae764f90d010dc25742569029ae3b34e704e925d47b258e6d

    • SSDEEP

      1536:Muyv2iXcuFYTX1RIRTwf01lzaGknm8mKDT+oXVnYqtkVqOj8FIGoCJlIU:MFv2isFTsNs0NAm9KDD2CQqOzGoCJlIU

    Score
    8/10
    discoverypersistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks