Overview

overview

8

Static

static

3

a49fca207d...18.exe

windows7-x64

a49fca207d...18.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a49fca207d9833f016fcd7ef529fec3e_JaffaCakes118

  • Size

    100KB

  • Sample

    240818-adqrfaxcnk

  • MD5

    a49fca207d9833f016fcd7ef529fec3e

  • SHA1

    616ea2743e0720bd595d787a29fc8022df894a51

  • SHA256

    bf018be2e555548c3431f1e07b84fc0cbebe2d592841174a12823ae37848ad16

  • SHA512

    4c9611e10c01c265ac818c8f4bf01758b616088e5cc1aa1cd4d1ed0217952ec06078ef34cb27f8584d5e9526b2fc52c2c2dfe208f8f4cd6564eedb32cba621d5

  • SSDEEP

    1536:LFvU7xTab3Q5bdfkgyF0SbMnn8uzCWAyUuTHM0mno+cJlId:dqajNonn7zCWAvuTSnohJlId

Score
8/10
discoverypersistenceprivilege_escalation

Malware Config

Targets

    • Target

      a49fca207d9833f016fcd7ef529fec3e_JaffaCakes118

    • Size

      100KB

    • MD5

      a49fca207d9833f016fcd7ef529fec3e

    • SHA1

      616ea2743e0720bd595d787a29fc8022df894a51

    • SHA256

      bf018be2e555548c3431f1e07b84fc0cbebe2d592841174a12823ae37848ad16

    • SHA512

      4c9611e10c01c265ac818c8f4bf01758b616088e5cc1aa1cd4d1ed0217952ec06078ef34cb27f8584d5e9526b2fc52c2c2dfe208f8f4cd6564eedb32cba621d5

    • SSDEEP

      1536:LFvU7xTab3Q5bdfkgyF0SbMnn8uzCWAyUuTHM0mno+cJlId:dqajNonn7zCWAvuTSnohJlId

    Score
    8/10
    discoverypersistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks