Overview

overview

7

Static

static

3

d742da2828...18.dll

windows7-x64

3

d742da2828...18.dll

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    d742da282809113db7bd6d95c2293a69_JaffaCakes118

  • Size

    265KB

  • Sample

    240909-3de9xsvhqn

  • MD5

    d742da282809113db7bd6d95c2293a69

  • SHA1

    2b0f6d8499120a59addd89839fde3bb3757175c3

  • SHA256

    2d76b01736e4772c9ef4219145cd0dcf63dd9c4910441b80cabaf42bc3957687

  • SHA512

    c087ae179d353cbd9ec819e324b3bf54b35ca1a70d9183016271887dfe742ca0e3d8c86ea863ac231b10e8ce2ff447391b65930552b3e8ea3398f03a2a1cadec

  • SSDEEP

    6144:rszrIP3acuC5Cydti9Pet80gUTpVNBMVM4l4SzPiYx:4zcPTuCYZ9zDUpVNBMVM4piYx

Score
7/10
discoverypersistenceprivilege_escalationupx

Malware Config

Targets

    • Target

      d742da282809113db7bd6d95c2293a69_JaffaCakes118

    • Size

      265KB

    • MD5

      d742da282809113db7bd6d95c2293a69

    • SHA1

      2b0f6d8499120a59addd89839fde3bb3757175c3

    • SHA256

      2d76b01736e4772c9ef4219145cd0dcf63dd9c4910441b80cabaf42bc3957687

    • SHA512

      c087ae179d353cbd9ec819e324b3bf54b35ca1a70d9183016271887dfe742ca0e3d8c86ea863ac231b10e8ce2ff447391b65930552b3e8ea3398f03a2a1cadec

    • SSDEEP

      6144:rszrIP3acuC5Cydti9Pet80gUTpVNBMVM4l4SzPiYx:4zcPTuCYZ9zDUpVNBMVM4piYx

    Score
    7/10
    discoverypersistenceprivilege_escalationupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Boot or Logon Autostart Execution: Authentication Package

      Suspicious Windows Authentication Registry Modification.

      persistenceprivilege_escalation
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks