Overview

overview

8

Static

static

3

171029aa1b...18.exe

windows7-x64

8

171029aa1b...18.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    171029aa1b2fb70e327a4954d9b2aa20_JaffaCakes118

  • Size

    153KB

  • Sample

    241005-k41pfa1dqd

  • MD5

    171029aa1b2fb70e327a4954d9b2aa20

  • SHA1

    fbd2a6a8ed5a1b4d66ab3d25280fe5016ca56a12

  • SHA256

    15a7e0deb10ed66a4fc154762aa9cebd0b1f57aaf2f2455fbe3b4408d5fd488b

  • SHA512

    56c2db8d0cc8b09cc74c1ec1a0415df143185d6a0a41796a25178cc37b447a990f18f2820d3311c9321729f4bd43f0fab7b27aa46a85964d6189f054b5a502c2

  • SSDEEP

    3072:ykZCrvugF1PG2+pCPNDrht5YMIaVRsRsOj8cbsbtH:y4Crvug22nP9CmV6f8cGH

Score
8/10
discoverypersistenceprivilege_escalation

Malware Config

Targets

    • Target

      171029aa1b2fb70e327a4954d9b2aa20_JaffaCakes118

    • Size

      153KB

    • MD5

      171029aa1b2fb70e327a4954d9b2aa20

    • SHA1

      fbd2a6a8ed5a1b4d66ab3d25280fe5016ca56a12

    • SHA256

      15a7e0deb10ed66a4fc154762aa9cebd0b1f57aaf2f2455fbe3b4408d5fd488b

    • SHA512

      56c2db8d0cc8b09cc74c1ec1a0415df143185d6a0a41796a25178cc37b447a990f18f2820d3311c9321729f4bd43f0fab7b27aa46a85964d6189f054b5a502c2

    • SSDEEP

      3072:ykZCrvugF1PG2+pCPNDrht5YMIaVRsRsOj8cbsbtH:y4Crvug22nP9CmV6f8cGH

    Score
    8/10
    discoverypersistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Executes dropped EXE

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks