Overview

overview

7

Static

static

3

bd5a5697f1...18.dll

windows7-x64

3

bd5a5697f1...18.dll

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    bd5a5697f1b32778791fdfb59404d11f_JaffaCakes118

  • Size

    247KB

  • Sample

    240823-13jbrssanr

  • MD5

    bd5a5697f1b32778791fdfb59404d11f

  • SHA1

    ed7f40dec8d3469b382f8cf5888f06889fdf72a4

  • SHA256

    5aad092ae379b2ae25c400032dc769b1d09b699f4190e3ba08c5840416b1240f

  • SHA512

    c3725f463c501bac6204a4ee37e8c335dacc5790096d8192e8a91f1be9c25ad0754cabdac33b20ea9760095e7aa0ec2a0faa10e51ebd915d85f94ebef29bc19d

  • SSDEEP

    6144:rK9YY+9Lux9csTNEv5wu79p8bTj4Av0P1:rK9Y/9ZscwG6QAsN

Score
7/10
discoverypersistenceprivilege_escalationupx

Malware Config

Targets

    • Target

      bd5a5697f1b32778791fdfb59404d11f_JaffaCakes118

    • Size

      247KB

    • MD5

      bd5a5697f1b32778791fdfb59404d11f

    • SHA1

      ed7f40dec8d3469b382f8cf5888f06889fdf72a4

    • SHA256

      5aad092ae379b2ae25c400032dc769b1d09b699f4190e3ba08c5840416b1240f

    • SHA512

      c3725f463c501bac6204a4ee37e8c335dacc5790096d8192e8a91f1be9c25ad0754cabdac33b20ea9760095e7aa0ec2a0faa10e51ebd915d85f94ebef29bc19d

    • SSDEEP

      6144:rK9YY+9Lux9csTNEv5wu79p8bTj4Av0P1:rK9Y/9ZscwG6QAsN

    Score
    7/10
    discoverypersistenceprivilege_escalationupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Boot or Logon Autostart Execution: Authentication Package

      Suspicious Windows Authentication Registry Modification.

      persistenceprivilege_escalation
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks