General

  • Target

    ab2cd84de81cf3f16cd1b783f6b08a4f_JaffaCakes118

  • Size

    29KB

  • Sample

    240819-qj8gfawcpe

  • MD5

    ab2cd84de81cf3f16cd1b783f6b08a4f

  • SHA1

    750b96eeb3d4e1d6ddc0cac3a78693135e8b0a63

  • SHA256

    ecc3d7085a56f8623f5f4d1881278e8b562980fedfaca55823d1ac5fc3979824

  • SHA512

    aedbebaa3f07e03021232cf249eb74a451600c620318fe0807e98739c2f85e751088b261294c30c88a5fcff120ef7f88ee4e91513ebfc71387fd188abda71590

  • SSDEEP

    768:IFpoxeFRQ7SW5LBCp2KkyF7QCmYEw59JS7Fp:qpmefQ7bVKRQCmYEwvJS7Fp

Malware Config

Targets

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks