General

  • Target

    ceeff74893507df1a959b82efd223dfc_JaffaCakes118

  • Size

    11KB

  • Sample

    240906-hqkd7ascql

  • MD5

    ceeff74893507df1a959b82efd223dfc

  • SHA1

    85264da1e9efbdf0ffe1dfafab6c318d19b87325

  • SHA256

    ef6e342078ce5fd58609c3304a2cba8410749512f1e9028199e27f501b93f5dc

  • SHA512

    9d928c4db926fc3c1514fa2bf67b172fd52e5e2d24ed33de6b5e34399b445f34c17d7518baff575de3989917197b19b7462baa78b95a69b2f962c5beee01c5ae

  • SSDEEP

    192:AR7VTSWVcaA0wJitZEwtmBHwdL9LFw9tciG9Fu3F0qo2M1QSyAnqiEsg:ARVSWVJAbAt3tuHI5Atci4qXHkg

Malware Config

Targets

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs. DLLs listed in the AppInit_DLLs registry value (under HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows, and the Wow6432Node view on 64-bit hosts) are loaded into every process that maps user32.dll, so one registry write yields code execution in most user-mode processes.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX, or with a modified build of the open-source UPX packer.

    • Drops file in System32 directory
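
Two host-side checks for the signatures above, written here as an added example; they are not part of the Triage report and not code from the sample. The first parses a PE section table and looks for the UPX0/UPX1 section names and the "UPX!" magic that stock UPX writes, which is the same evidence the "UPX packed file" signature rests on. The second evaluates the AppInit_DLLs values that the "Event Triggered Execution: AppInit DLLs" signature refers to. The PE header built by `build_minimal_pe` is synthetic so the block runs offline; the registry paths are Microsoft's documented AppInit locations; the DLL names used in the demonstration are made up.

```python
import re
import struct
import sys

# ---- 1. UPX packing check against a PE image --------------------------------

def pe_section_names(data: bytes) -> list:
    """Return the section names of a PE image, or [] if `data` is not a PE."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    coff = e_lfanew + 4                      # IMAGE_FILE_HEADER
    if coff + 20 > len(data):
        return []
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + opt_size             # section table follows the optional header
    names = []
    for i in range(num_sections):
        off = table + i * 40                 # IMAGE_SECTION_HEADER is 40 bytes
        if off + 40 > len(data):
            break
        names.append(data[off:off + 8].rstrip(b"\0").decode("ascii", "replace"))
    return names

def looks_upx_packed(data: bytes) -> bool:
    """Stock UPX names its sections UPX0/UPX1 and writes a 'UPX!' magic into its
    packer info block. Modified UPX builds may scrub either, so False here is a
    hint that the file is not stock-UPX packed, not proof that it is unpacked."""
    if any(n.startswith("UPX") for n in pe_section_names(data)):
        return True
    return b"UPX!" in data

def build_minimal_pe(section_names: list) -> bytes:
    """Constructed header-only PE32 image (not a runnable executable) so the
    check above can be exercised without a real sample."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)            # e_lfanew -> right after DOS header
    opt_size = 0xE0                                    # PE32 optional header size
    coff = struct.pack("<HHIIIHH", 0x014C, len(section_names), 0, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)              # PE32 magic
    secs = b"".join(n.encode("ascii").ljust(8, b"\0") + bytes(32) for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + secs

# ---- 2. AppInit_DLLs persistence check (registry values) --------------------

APPINIT_KEYS = (  # documented locations; the second is the WOW64 view on 64-bit hosts
    r"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows",
    r"SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows",
)

def assess_appinit(values: dict) -> list:
    """Evaluate the AppInit values of one key. `values` maps value name to data,
    e.g. {"LoadAppInit_DLLs": 1, "AppInit_DLLs": "x.dll"}. Returns findings as
    strings; an empty list means nothing is armed."""
    load = int(values.get("LoadAppInit_DLLs", 0))
    # Absent RequireSignedAppInit_DLLs is treated as "not enforced" (the pre-Windows 8 default).
    signed = int(values.get("RequireSignedAppInit_DLLs", 0))
    # AppInit_DLLs is space- or comma-delimited.
    dlls = [d for d in re.split(r"[ ,]+", str(values.get("AppInit_DLLs", ""))) if d]
    findings = []
    if load and dlls:
        findings.append("AppInit_DLLs armed; loaded into every process that maps user32.dll: " + ", ".join(dlls))
    elif dlls:
        findings.append("AppInit_DLLs populated but LoadAppInit_DLLs=0 (dormant): " + ", ".join(dlls))
    if load and not signed:
        findings.append("RequireSignedAppInit_DLLs is 0: unsigned DLLs are accepted")
    return findings

def read_appinit_values(key_path: str) -> dict:
    """Read the three AppInit values from HKLM. Windows only (uses winreg)."""
    import winreg
    out = {}
    with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, key_path) as key:
        for name in ("LoadAppInit_DLLs", "AppInit_DLLs", "RequireSignedAppInit_DLLs"):
            try:
                out[name] = winreg.QueryValueEx(key, name)[0]
            except FileNotFoundError:
                pass
    return out

if __name__ == "__main__":
    # Constructed header, not the report's sample (which is not embedded here).
    demo = build_minimal_pe(["UPX0", "UPX1", ".rsrc"])
    print("constructed UPX-style header packed?", looks_upx_packed(demo))
    for path in sys.argv[1:]:                          # any PE files given on the command line
        with open(path, "rb") as fh:
            print(path, "packed?", looks_upx_packed(fh.read()))
    if sys.platform == "win32":
        for key in APPINIT_KEYS:
            try:
                for finding in assess_appinit(read_appinit_values(key)):
                    print("HKLM\\" + key + ": " + finding)
            except OSError:
                pass                                   # key absent, e.g. WOW64 view on 32-bit Windows
```

Run it with the sample's path as an argument on an analysis box to confirm the packer verdict, and run it on a Windows host after detonation to see whether the AppInit values were touched. Both keys are worth reading on 64-bit systems because a 32-bit dropper writing through the WOW64 view lands in the Wow6432Node key. On Windows 8 and later with Secure Boot enabled, AppInit DLLs are not loaded at all, so a populated value there is evidence of intent rather than of working persistence.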

MITRE ATT&CK Enterprise v15

Tasks