Overview

overview

8

Static

static

3

a7ad5e2c40...18.exe

windows7-x64

a7ad5e2c40...18.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    a7ad5e2c408589c492b766aa1db521e6_JaffaCakes118

  • Size

    100KB

  • Sample

    240818-wrbqbszelq

  • MD5

    a7ad5e2c408589c492b766aa1db521e6

  • SHA1

    5065e05808b9c9bbefd4093862b2521078481f65

  • SHA256

    b3362c9db95e19211169404af736f41531c49885a7888bfce26cf27d16636822

  • SHA512

    ac5670d922d901511ecf7d87382cf3476754e632f218d18c394095253442c83ede265859867b1914d32b2a313fa7866205e96ce6931c5773798c25ca3a30d12e

  • SSDEEP

    1536:dNamcU7U0GIvWg1VEIKpkXFS12azLcgyv4aYYxvWqfgoqHYRIA:dNaqwNC48FAaYY9Wqfgo2Y

Score
8/10
discoverypersistenceprivilege_escalation

Malware Config

Targets

    • Target

      a7ad5e2c408589c492b766aa1db521e6_JaffaCakes118

    • Size

      100KB

    • MD5

      a7ad5e2c408589c492b766aa1db521e6

    • SHA1

      5065e05808b9c9bbefd4093862b2521078481f65

    • SHA256

      b3362c9db95e19211169404af736f41531c49885a7888bfce26cf27d16636822

    • SHA512

      ac5670d922d901511ecf7d87382cf3476754e632f218d18c394095253442c83ede265859867b1914d32b2a313fa7866205e96ce6931c5773798c25ca3a30d12e

    • SSDEEP

      1536:dNamcU7U0GIvWg1VEIKpkXFS12azLcgyv4aYYxvWqfgoqHYRIA:dNaqwNC48FAaYY9Wqfgo2Y

    Score
    8/10
    discoverypersistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks