Overview

overview

8

Static

static

3

b58a4285ad...18.exe

windows7-x64

b58a4285ad...18.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b58a4285ad0fdf8b8bfe5305e18a09a2_JaffaCakes118

  • Size

    92KB

  • Sample

    240821-3w6vlaxcrb

  • MD5

    b58a4285ad0fdf8b8bfe5305e18a09a2

  • SHA1

    14a3640311971e6d26dd31a521b8611fda756b3d

  • SHA256

    1eb58a012c098c6586ea678da700b7b758fd486f89a23df1d84d73ead9848cfd

  • SHA512

    5514bc407c4d55940e9ca6e0a98ea0645422b6109aadcb5bd70ade490eb6c52d57f4e37c601105d280a9fa93be9955a85ff590a6d480590042724d9c984985d9

  • SSDEEP

    1536:HLjo3/Lvpdg1HfwDyxIJxbkHcug2rTH7ZZYQMHv/57IQ0Sg/SQDCuhUk1sTLzMo:H/m/rpd6HfwDyKnb6cus7IFr1SKsPzMo

Score
8/10
discoverypersistenceprivilege_escalation

Malware Config

Targets

    • Target

      b58a4285ad0fdf8b8bfe5305e18a09a2_JaffaCakes118

    • Size

      92KB

    • MD5

      b58a4285ad0fdf8b8bfe5305e18a09a2

    • SHA1

      14a3640311971e6d26dd31a521b8611fda756b3d

    • SHA256

      1eb58a012c098c6586ea678da700b7b758fd486f89a23df1d84d73ead9848cfd

    • SHA512

      5514bc407c4d55940e9ca6e0a98ea0645422b6109aadcb5bd70ade490eb6c52d57f4e37c601105d280a9fa93be9955a85ff590a6d480590042724d9c984985d9

    • SSDEEP

      1536:HLjo3/Lvpdg1HfwDyxIJxbkHcug2rTH7ZZYQMHv/57IQ0Sg/SQDCuhUk1sTLzMo:H/m/rpd6HfwDyKnb6cus7IFr1SKsPzMo

    Score
    8/10
    discoverypersistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks