Overview

overview

8

Static

static

3

b839da4d03...18.exe

windows7-x64

b839da4d03...18.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    b839da4d0378ec0e769491be0b6d6270_JaffaCakes118

  • Size

    100KB

  • Sample

    240822-s9bw9svgjb

  • MD5

    b839da4d0378ec0e769491be0b6d6270

  • SHA1

    bca1f349a38669f67d03e49426b5434c85706aff

  • SHA256

    f4d823e1d0b179090787abfc27701add1e346a798dc6d5a387cdcc9f4f94ff31

  • SHA512

    93e5ce9875e2fb59b844588c939de25ecd25769687726625d41db7f9366c169026b0e66d5ac1665e9202c8fe7881421f17abb5f630f105f17e924803c6217c9b

  • SSDEEP

    3072:uzVG2KnprIPIVbIFs6kT9VoaYY9Wqfgo2Y:uz4/pcPA0709V79W7Y

Score
8/10
discoverypersistenceprivilege_escalation

Malware Config

Targets

    • Target

      b839da4d0378ec0e769491be0b6d6270_JaffaCakes118

    • Size

      100KB

    • MD5

      b839da4d0378ec0e769491be0b6d6270

    • SHA1

      bca1f349a38669f67d03e49426b5434c85706aff

    • SHA256

      f4d823e1d0b179090787abfc27701add1e346a798dc6d5a387cdcc9f4f94ff31

    • SHA512

      93e5ce9875e2fb59b844588c939de25ecd25769687726625d41db7f9366c169026b0e66d5ac1665e9202c8fe7881421f17abb5f630f105f17e924803c6217c9b

    • SSDEEP

      3072:uzVG2KnprIPIVbIFs6kT9VoaYY9Wqfgo2Y:uz4/pcPA0709V79W7Y

    Score
    8/10
    discoverypersistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks