Overview

overview

8

Static

static

3

3e63db9614...18.exe

windows7-x64

8

3e63db9614...18.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    3e63db9614c33b975d196059200f92c0_JaffaCakes118

  • Size

    429KB

  • Sample

    241013-hkh9yayapl

  • MD5

    3e63db9614c33b975d196059200f92c0

  • SHA1

    29e7854aceb4c504efc4037e55dd9f29a6b9319f

  • SHA256

    2912ad8a24e06b9477e151a477ec14da084e775b5624b2743bad1a25876e500b

  • SHA512

    d678e2e35c1e6c8211bab1d8ad439ef6179798ec552fc59271f79515b343b2780a844b1905a624a799f3f768e81c981f9ca4d6d977bdddfe2cc7a7afc1141768

  • SSDEEP

    12288:Iu3URWtsYf8PemjE8h0UxH9ND6fvhMrf1sA:IkQe8PemjTh0Ul/8vh+t

Score
8/10
discoverypersistenceprivilege_escalation

Malware Config

Targets

    • Target

      3e63db9614c33b975d196059200f92c0_JaffaCakes118

    • Size

      429KB

    • MD5

      3e63db9614c33b975d196059200f92c0

    • SHA1

      29e7854aceb4c504efc4037e55dd9f29a6b9319f

    • SHA256

      2912ad8a24e06b9477e151a477ec14da084e775b5624b2743bad1a25876e500b

    • SHA512

      d678e2e35c1e6c8211bab1d8ad439ef6179798ec552fc59271f79515b343b2780a844b1905a624a799f3f768e81c981f9ca4d6d977bdddfe2cc7a7afc1141768

    • SSDEEP

      12288:Iu3URWtsYf8PemjE8h0UxH9ND6fvhMrf1sA:IkQe8PemjTh0Ul/8vh+t

    Score
    8/10
    discoverypersistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Executes dropped EXE

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks