Resubmissions

11-10-2024 18:51

241011-xhgewsxgka 8

11-10-2024 18:50

241011-xha8waxgja 3

General

  • Target

    36487a6a69dcff09b0e87072f3095c8a_JaffaCakes118

  • Size

    32KB

  • Sample

    241011-xhgewsxgka

  • MD5

    36487a6a69dcff09b0e87072f3095c8a

  • SHA1

    e189cff71b3bac2942d34a6d74ca23b82b826f79

  • SHA256

    d16503617334e6e807e3559408a53ddcf26b8443bf088798acbcfdd711d26db3

  • SHA512

    f3a9dd7f7d138561b014172df7d8535d403d433e73554aba3513e263292dab22bdb112d0e48c4b742bb8273d18509b783d4757c012dcac7cc655881b91a63442

  • SSDEEP

    768:vbHiJWRCmEPZMSEVVr4vq7CymaKdSVOyeRYj+xx:vbHiJDmKMSEVVd7Cd7G6RYCn

Score
8/10

Targets

    • Target

      36487a6a69dcff09b0e87072f3095c8a_JaffaCakes118

    Score
    8/10
    • Possible privilege escalation attempt

    • Modifies file permissions

    • Legitimate hosting services abused for malware hosting/C2

    • Drops file in System32 directory
