General

  • Target

    eff5ff4e497f6f911b274366e487a4d7_JaffaCakes118

  • Size

    49KB

  • Sample

    240921-rfqb5awckf

  • MD5

    eff5ff4e497f6f911b274366e487a4d7

  • SHA1

    01e58144d338c64c59a5e3f30da68477807a19ed

  • SHA256

    1c889b9e30bab97822ffd3feccbe71022db3ae1a53e0a2e5de09920fa665b860

  • SHA512

    cc59bfc7c808bb39813949d74daf444052f82036d3727f124935f3f57b5fbe22caed326e86cae87d6eb617f27a446d3f0897194bdb635f4d236e6c8253f99a22

  • SSDEEP

    768:TVuPhGxLwvZrpyA1X/i+L63TFPrxL4qNI:kGOZvUTFPPNI

Targets

    • Target

      eff5ff4e497f6f911b274366e487a4d7_JaffaCakes118

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
