General

  • Target

    ddce3393609ad8b3350740e60d267910_JaffaCakes118

  • Size

    13KB

  • Sample

    240913-gmmjpsxhrc

  • MD5

    ddce3393609ad8b3350740e60d267910

  • SHA1

    595a5a8dfdba45c0050142b952b26b2aa4b40b4d

  • SHA256

    b11203cdac8a0b911bb23d25e7606c2d6f66df6e5bd0e9623121bd65cf21dbd9

  • SHA512

    26f5799aeb7e416f9d6cdc30846a1967102fb7ba2d54ed069c38f587a0976102d15523f2624be8bd8151023be9e426eb10f40f89f5532c07950b892b31599ec1

  • SSDEEP

    384:SqEmyBu4neLUYX+OdBobH1hB88tQX5ufnZVuyg:NfyBubUDZzF8aQX0nZV

Targets


    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15