Overview

overview

8

Static

static

3

055ffe00fd...18.exe

windows7-x64

8

055ffe00fd...18.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    055ffe00fd5731b9c98cff978aa86d24_JaffaCakes118

  • Size

    148KB

  • Sample

    241001-l3gevatdlp

  • MD5

    055ffe00fd5731b9c98cff978aa86d24

  • SHA1

    17b2b929b616fa137dce112859550248c638c7a5

  • SHA256

    aed6a54c286d2e69228f1f61b82215074873575b5c4833f24c6afc8d528d1e29

  • SHA512

    424a4c599e26d6f71ff703bcd783fede12371671687a6ac058463d7d08c4f7e967736ba25ecf183171ec671f7514e5e96aad346ad1ba53ec0c5f600d05559f45

  • SSDEEP

    3072:fR1+aJe1mgawzxsBub861jIHxowoY2ozlAulu3GJ/hnduqhqgvJDssd+rSoV2H:fRUTV5n6LzZwWJyeqgvd+7O

Score
8/10
discoverypersistenceprivilege_escalation

Malware Config

Targets

    • Target

      055ffe00fd5731b9c98cff978aa86d24_JaffaCakes118

    • Size

      148KB

    • MD5

      055ffe00fd5731b9c98cff978aa86d24

    • SHA1

      17b2b929b616fa137dce112859550248c638c7a5

    • SHA256

      aed6a54c286d2e69228f1f61b82215074873575b5c4833f24c6afc8d528d1e29

    • SHA512

      424a4c599e26d6f71ff703bcd783fede12371671687a6ac058463d7d08c4f7e967736ba25ecf183171ec671f7514e5e96aad346ad1ba53ec0c5f600d05559f45

    • SSDEEP

      3072:fR1+aJe1mgawzxsBub861jIHxowoY2ozlAulu3GJ/hnduqhqgvJDssd+rSoV2H:fRUTV5n6LzZwWJyeqgvd+7O

    Score
    8/10
    discoverypersistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks