Overview

overview

8

Static

static

3

ac34da4e3e...18.exe

windows7-x64

8

ac34da4e3e...18.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    ac34da4e3e27247148c0125a08c3ada2_JaffaCakes118

  • Size

    52KB

  • Sample

    240819-xrxs8svcnk

  • MD5

    ac34da4e3e27247148c0125a08c3ada2

  • SHA1

    663098af09b4841f22d69438dc6b52d8fbe5a07a

  • SHA256

    d72996931379cc9f75e17316357860aa64779d999cad9536af0ec68cee2842e1

  • SHA512

    aeb809182d8f67020c5594cf5b691403cc8548bdcab5383f9f21793a3ab66aed32433240a1eae4ac77c6ccc42a9d03c7a2d6e723e9a14b67fd3495b5cf7e5c51

  • SSDEEP

    768:67BO1UqFl/PUfIrkXtgWRTRTDPTT02C4fnxZX:6c1BTkfn9S2tfxZ

Score
8/10
discoverypersistenceprivilege_escalation

Malware Config

Targets

    • Target

      ac34da4e3e27247148c0125a08c3ada2_JaffaCakes118

    • Size

      52KB

    • MD5

      ac34da4e3e27247148c0125a08c3ada2

    • SHA1

      663098af09b4841f22d69438dc6b52d8fbe5a07a

    • SHA256

      d72996931379cc9f75e17316357860aa64779d999cad9536af0ec68cee2842e1

    • SHA512

      aeb809182d8f67020c5594cf5b691403cc8548bdcab5383f9f21793a3ab66aed32433240a1eae4ac77c6ccc42a9d03c7a2d6e723e9a14b67fd3495b5cf7e5c51

    • SSDEEP

      768:67BO1UqFl/PUfIrkXtgWRTRTDPTT02C4fnxZX:6c1BTkfn9S2tfxZ

    Score
    8/10
    discoverypersistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks