Overview

overview

8

Static

static

3

c00c176573...18.exe

windows7-x64

c00c176573...18.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    c00c176573eb72134f110f50529a6b7c_JaffaCakes118

  • Size

    92KB

  • Sample

    240825-f643esydqj

  • MD5

    c00c176573eb72134f110f50529a6b7c

  • SHA1

    2e097b1fe1865d14873664f46535642d8b7a1611

  • SHA256

    0ed9fbd1dac3b79277a70c2d592a46e8c7d9ae20c59cc7ddacfb87c35bfdea5a

  • SHA512

    dee9a0387887a66becb9400c16afb2d3f3d434b15f920a2fb4b7753f2733119f4d255994699793450536c4e177a46f4607fa9ae9c77e96cf87a0b42dadd6e80c

  • SSDEEP

    1536:mn63R5ThCNA4VWUX+gpinIg/saokumqKK+oxMWNLzMo:O63R5q64pinIJrp5jxxlzMo

Score
8/10
discoverypersistenceprivilege_escalation

Malware Config

Targets

    • Target

      c00c176573eb72134f110f50529a6b7c_JaffaCakes118

    • Size

      92KB

    • MD5

      c00c176573eb72134f110f50529a6b7c

    • SHA1

      2e097b1fe1865d14873664f46535642d8b7a1611

    • SHA256

      0ed9fbd1dac3b79277a70c2d592a46e8c7d9ae20c59cc7ddacfb87c35bfdea5a

    • SHA512

      dee9a0387887a66becb9400c16afb2d3f3d434b15f920a2fb4b7753f2733119f4d255994699793450536c4e177a46f4607fa9ae9c77e96cf87a0b42dadd6e80c

    • SSDEEP

      1536:mn63R5ThCNA4VWUX+gpinIg/saokumqKK+oxMWNLzMo:O63R5q64pinIJrp5jxxlzMo

    Score
    8/10
    discoverypersistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks