Overview

overview

8

Static

static

3

dfc5b6fcb2...18.exe

windows7-x64

dfc5b6fcb2...18.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    dfc5b6fcb20a06d89dc30598e453fcc8_JaffaCakes118

  • Size

    90KB

  • Sample

    240914-jqcj1stfrb

  • MD5

    dfc5b6fcb20a06d89dc30598e453fcc8

  • SHA1

    f761a9c382aaa065b70c13a60bbdd787eb8791a0

  • SHA256

    364258535c3b7a03b5add2b93eb8afa0b96f3b6c9aa75900be9d93022b48fa8e

  • SHA512

    bd70cb60f51c1c954d52863355a4a9cb1269566533b82f906750a645027691027c9a7420f8216d5e01409f91f2d81bc8ee54412be655d0d327d023587bb52a8d

  • SSDEEP

    1536:uo61T/Tz1juyh6KV1f166iogRCSHzjiAWJ/+ktJkJsTosPf8JlI9F:uD/TBjuUROfdGh/+kQMonJlI9F

Score
8/10
discoverypersistenceprivilege_escalation

Malware Config

Targets

    • Target

      dfc5b6fcb20a06d89dc30598e453fcc8_JaffaCakes118

    • Size

      90KB

    • MD5

      dfc5b6fcb20a06d89dc30598e453fcc8

    • SHA1

      f761a9c382aaa065b70c13a60bbdd787eb8791a0

    • SHA256

      364258535c3b7a03b5add2b93eb8afa0b96f3b6c9aa75900be9d93022b48fa8e

    • SHA512

      bd70cb60f51c1c954d52863355a4a9cb1269566533b82f906750a645027691027c9a7420f8216d5e01409f91f2d81bc8ee54412be655d0d327d023587bb52a8d

    • SSDEEP

      1536:uo61T/Tz1juyh6KV1f166iogRCSHzjiAWJ/+ktJkJsTosPf8JlI9F:uD/TBjuUROfdGh/+kQMonJlI9F

    Score
    8/10
    discoverypersistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks