Overview

overview

8

Static

static

3

d57962fbcb...18.exe

windows7-x64

d57962fbcb...18.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    d57962fbcbf38269dfb584f92e26dcd6_JaffaCakes118

  • Size

    92KB

  • Sample

    240909-ca39gawcql

  • MD5

    d57962fbcbf38269dfb584f92e26dcd6

  • SHA1

    1c5b38f7237d98008f6d783fb719d6c9b9ee7be1

  • SHA256

    1dedec16662c73e8677d42ced00dc3d0a1209cd42f0dd4aaf595669406edd01a

  • SHA512

    303c86f96fad056f1443d76ff6c99062da62c77a7aff45269631dbf9770e62677debb3397735fcb9ac777a64e63f7dcce41750f847c8b3428aa702e26660ae6c

  • SSDEEP

    1536:aGYlO9kOyXqsKsLJxEU34zWKBxDCryhH+U9IzhW5bvw6ovDDAEhEacLfHwzGo:aGYly06hsvE2MDgGHv9IEvwPvDdyacsd

Score
8/10
discoverypersistenceprivilege_escalation

Malware Config

Targets

    • Target

      d57962fbcbf38269dfb584f92e26dcd6_JaffaCakes118

    • Size

      92KB

    • MD5

      d57962fbcbf38269dfb584f92e26dcd6

    • SHA1

      1c5b38f7237d98008f6d783fb719d6c9b9ee7be1

    • SHA256

      1dedec16662c73e8677d42ced00dc3d0a1209cd42f0dd4aaf595669406edd01a

    • SHA512

      303c86f96fad056f1443d76ff6c99062da62c77a7aff45269631dbf9770e62677debb3397735fcb9ac777a64e63f7dcce41750f847c8b3428aa702e26660ae6c

    • SSDEEP

      1536:aGYlO9kOyXqsKsLJxEU34zWKBxDCryhH+U9IzhW5bvw6ovDDAEhEacLfHwzGo:aGYly06hsvE2MDgGHv9IEvwPvDdyacsd

    Score
    8/10
    discoverypersistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks