Overview

overview

8

Static

static

3

d6f8b28f52...18.exe

windows7-x64

d6f8b28f52...18.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    d6f8b28f525576b02999b137e9814af1_JaffaCakes118

  • Size

    104KB

  • Sample

    240909-ya8d3syale

  • MD5

    d6f8b28f525576b02999b137e9814af1

  • SHA1

    953c06a08413f34fb5bbfee468289ffba78ebbc0

  • SHA256

    5b2265d6fc8365e15c1fa18f11cf98189dd7b821180fff5b909c0e6f897a55f2

  • SHA512

    54395c5bf3590a2625e41521a57ec94475e88c02e66d36df6a82cd47c1f3a1e0e31d0e3bb0892ea7814029ebaff5b993ccd1b2852a74978de748a7411af9abb2

  • SSDEEP

    1536:0Hz4H94ArPG+piAnKuniLRwlLVHL1EAMh0ItwTCH6zyoMPj6mQ:0SvfzCRwFZ12ymwJzyoM0

Score
8/10
discoverypersistenceprivilege_escalation

Malware Config

Targets

    • Target

      d6f8b28f525576b02999b137e9814af1_JaffaCakes118

    • Size

      104KB

    • MD5

      d6f8b28f525576b02999b137e9814af1

    • SHA1

      953c06a08413f34fb5bbfee468289ffba78ebbc0

    • SHA256

      5b2265d6fc8365e15c1fa18f11cf98189dd7b821180fff5b909c0e6f897a55f2

    • SHA512

      54395c5bf3590a2625e41521a57ec94475e88c02e66d36df6a82cd47c1f3a1e0e31d0e3bb0892ea7814029ebaff5b993ccd1b2852a74978de748a7411af9abb2

    • SSDEEP

      1536:0Hz4H94ArPG+piAnKuniLRwlLVHL1EAMh0ItwTCH6zyoMPj6mQ:0SvfzCRwFZ12ymwJzyoM0

    Score
    8/10
    discoverypersistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks