Overview

overview

7

Static

static

3

05573440eb...18.exe

windows7-x64

7

05573440eb...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    05573440eb003dc5c3ec83d0255b7b05_JaffaCakes118

  • Size

    127KB

  • Sample

    241001-lwkhxsxdke

  • MD5

    05573440eb003dc5c3ec83d0255b7b05

  • SHA1

    e1db28769fb9c402a4d3c3d2a56813d365f0285a

  • SHA256

    8733daceee6d459800534e0251de98d1843c39077c2b9ec6748032abb3744180

  • SHA512

    def0479870675ea110580000f8086e082825151556244a4ae5aed2c8a15a12d096111639b1365f73dd418e212b2a1bc6360eb09a84ec3b01b264bf7f21156957

  • SSDEEP

    3072:Ynj9jtfU+INndIc0JJ5i2xrxPm7beWsR3RDs+206:YjbeilD7FNsL

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      05573440eb003dc5c3ec83d0255b7b05_JaffaCakes118

    • Size

      127KB

    • MD5

      05573440eb003dc5c3ec83d0255b7b05

    • SHA1

      e1db28769fb9c402a4d3c3d2a56813d365f0285a

    • SHA256

      8733daceee6d459800534e0251de98d1843c39077c2b9ec6748032abb3744180

    • SHA512

      def0479870675ea110580000f8086e082825151556244a4ae5aed2c8a15a12d096111639b1365f73dd418e212b2a1bc6360eb09a84ec3b01b264bf7f21156957

    • SSDEEP

      3072:Ynj9jtfU+INndIc0JJ5i2xrxPm7beWsR3RDs+206:YjbeilD7FNsL

    Score
    7/10
    discoverypersistence

    • Boot or Logon Autostart Execution: Print Processors

      Adversaries may abuse print processors to run malicious DLLs during system boot for persistence and/or privilege escalation.

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks