General

  • Target

    eaae905723241339055f9b57042f85a7_JaffaCakes118

  • Size

    13KB

  • Sample

    240919-gahd8atdjm

  • MD5

    eaae905723241339055f9b57042f85a7

  • SHA1

    62f116fc29d95bcd94c386405dc652ae9028fe80

  • SHA256

    389cd3534f62eaacc999502ef6a1897a6e83e1d9f3082c3be78fa1f4dc0e97ad

  • SHA512

    586e650efe9c3cc16d8a93b5adaeedb444ee5cf16a1eb9b70383ca66c6b4676e9527e365d0088625685bfd963febe467f124d29e79ef1d9b29b108a6712f8c1f

  • SSDEEP

    192:mAVIBFHiBceGgC/9mUT8b+h+c5pJzoBJ02urKz1rPjHJeMgpPa18X4:mAVpeeY/kU+sbXc1jjHYMgpPC8I

Malware Config

Targets

    • Target

      eaae905723241339055f9b57042f85a7_JaffaCakes118

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
