General

  • Target

    eac9d611a18abaa79ee511e9aea465a7_JaffaCakes118

  • Size

    11KB

  • Sample

    240919-hkm8wswcqm

  • MD5

    eac9d611a18abaa79ee511e9aea465a7

  • SHA1

    19815e494a63546af51d1fb9bcb92b5dbba0503e

  • SHA256

    60a99b042043f977b85960946142f25eae8f641207f18e77a58856881b4ba409

  • SHA512

    5cdc53ce67e4daaa04db9bbf9ba8085b82c07ebbbb6b5c4ec3a447361cf705afc894fb54e1debf316e3ef3762c87be49dd0bd98f24229899f7a4b61d065639a3

  • SSDEEP

    192:cOErlncuFLrflfLN8EMOGk0XhhT09GP1sHOEF/NKyk6V5qxiwc5:cOErln5dWEjGk0XGsEpcypVA6

Targets

    • Target

      eac9d611a18abaa79ee511e9aea465a7_JaffaCakes118

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
