Overview

overview

8

Static

static

3

b3d2c87e34...18.exe

windows7-x64

b3d2c87e34...18.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    b3d2c87e3448dde75f1d7d67180a3d63_JaffaCakes118

  • Size

    92KB

  • Sample

    240821-rrzpyatcjd

  • MD5

    b3d2c87e3448dde75f1d7d67180a3d63

  • SHA1

    9a98b859f585c5fb6691491882a79a25d06576a5

  • SHA256

    e4f2accc42d011eb8f30735b42b9f242ac02333573d0e07241519a4d67c78af8

  • SHA512

    23cf6dbbfe847733f0c9a9ee585a072f031f0b1587e29a0e6c18b6ffd00a19dab492e24c02887d656af2a85c831f5c2bbe23d32332ee6d3b7529a3bd824b9f4e

  • SSDEEP

    1536:UlFK1o2+0r8mZZZneRnKzdBfI4A9W8yRxvfvrSgu7ofRD2c8yNzVqOj8FIGoCJlz:UDK1namjNgKhBccvRNvrS4R8cqOzGoCX

Score
8/10
discoverypersistenceprivilege_escalation

Malware Config

Targets

    • Target

      b3d2c87e3448dde75f1d7d67180a3d63_JaffaCakes118

    • Size

      92KB

    • MD5

      b3d2c87e3448dde75f1d7d67180a3d63

    • SHA1

      9a98b859f585c5fb6691491882a79a25d06576a5

    • SHA256

      e4f2accc42d011eb8f30735b42b9f242ac02333573d0e07241519a4d67c78af8

    • SHA512

      23cf6dbbfe847733f0c9a9ee585a072f031f0b1587e29a0e6c18b6ffd00a19dab492e24c02887d656af2a85c831f5c2bbe23d32332ee6d3b7529a3bd824b9f4e

    • SSDEEP

      1536:UlFK1o2+0r8mZZZneRnKzdBfI4A9W8yRxvfvrSgu7ofRD2c8yNzVqOj8FIGoCJlz:UDK1namjNgKhBccvRNvrS4R8cqOzGoCX

    Score
    8/10
    discoverypersistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks