Overview

overview

8

Static

static

3

406250fbaa...18.exe

windows7-x64

8

406250fbaa...18.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    406250fbaa2c18d3330586c480aa3620_JaffaCakes118

  • Size

    151KB

  • Sample

    241013-rwycns1fjb

  • MD5

    406250fbaa2c18d3330586c480aa3620

  • SHA1

    6fee985aa435ebb425ea71bf1f61b8c0ce4cd310

  • SHA256

    1c71cea25df52f6e804c7ddb23d85ba5ae2a1edee8d039f062df8af9f499bf20

  • SHA512

    b6d189032c1cc05ffb0b4ed828448268bb673d206a73074c73707892cfc376fcf99ede8919d9ecc5c19690890700c5dc9335cb6e00d871c78f7bf8f1a013cc50

  • SSDEEP

    3072:HAwEvRRdqcqpaiVPfGHO4xATzlypxd7CQn3piYtW0Cmz:TcRWcslXWRpjCS5TW0Cmz

Score
8/10
discoverypersistenceprivilege_escalation

Malware Config

Targets

    • Target

      406250fbaa2c18d3330586c480aa3620_JaffaCakes118

    • Size

      151KB

    • MD5

      406250fbaa2c18d3330586c480aa3620

    • SHA1

      6fee985aa435ebb425ea71bf1f61b8c0ce4cd310

    • SHA256

      1c71cea25df52f6e804c7ddb23d85ba5ae2a1edee8d039f062df8af9f499bf20

    • SHA512

      b6d189032c1cc05ffb0b4ed828448268bb673d206a73074c73707892cfc376fcf99ede8919d9ecc5c19690890700c5dc9335cb6e00d871c78f7bf8f1a013cc50

    • SSDEEP

      3072:HAwEvRRdqcqpaiVPfGHO4xATzlypxd7CQn3piYtW0Cmz:TcRWcslXWRpjCS5TW0Cmz

    Score
    8/10
    discoverypersistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Executes dropped EXE

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks