General

  • Target

    eac7708ade63c4134f5a485256efa4be_JaffaCakes118

  • Size

    55KB

  • Sample

    240919-hf8c9svhke

  • MD5

    eac7708ade63c4134f5a485256efa4be

  • SHA1

    5fb8aaf18c2ad459e73022cdb8d32ba15d964aba

  • SHA256

    400ac1638afa04623eb1c9348938457d69288d51ee9cd2e85d8ff35d6b50844b

  • SHA512

    19e1e312711c3f6854637fcc99b790416f93d444338bd16b4340aa4054f844e2774443fa55eb2e2db13f44ae2983ee97998dcf0e33208265577e0f0755b3ef19

  • SSDEEP

    1536:nwT3m7s5Wrkuz6rRmlu4gk7IjXqJbvzNQ1m3xI:nwTAs5WQuyk7iXwLN62I

Targets

    • Target

      eac7708ade63c4134f5a485256efa4be_JaffaCakes118

    • Boot or Logon Autostart Execution: Print Processors

      Adversaries may abuse print processors to run malicious DLLs during system boot for persistence and/or privilege escalation.

    • Executes dropped EXE

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
