14c17b9c4d95ab8704c1e6ce822bab76dae5ab27a71d6dd4f1aef427d23d5616 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1b57544324575a626eea38fa0c9296d8_JaffaCakes118
Size

60KB
Sample

240701-pxdcsascle
MD5

1b57544324575a626eea38fa0c9296d8
SHA1

7678f4de6e0efd0f58ba9839b9a20633b0e9f692
SHA256

14c17b9c4d95ab8704c1e6ce822bab76dae5ab27a71d6dd4f1aef427d23d5616
SHA512

686eb5a4e655f9ed9ad85c10820e42d9a0dee3c4c15d489afc776150b30228b34ae51dee89e595bb0a2d624da46429a1340841f40d545ea106fab0d9269b6987
SSDEEP

768:aBZX+Nzp4mjNx4Ds4l6iE18++uWdB9GBc81f+Iw5BLJUXNPgH9nmscY:aPdc1inuWdB9r8YXPJY2BmscY

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  1b57544324575a626eea38fa0c9296d8_JaffaCakes118
- Size
  
  60KB
- MD5
  
  1b57544324575a626eea38fa0c9296d8
- SHA1
  
  7678f4de6e0efd0f58ba9839b9a20633b0e9f692
- SHA256
  
  14c17b9c4d95ab8704c1e6ce822bab76dae5ab27a71d6dd4f1aef427d23d5616
- SHA512
  
  686eb5a4e655f9ed9ad85c10820e42d9a0dee3c4c15d489afc776150b30228b34ae51dee89e595bb0a2d624da46429a1340841f40d545ea106fab0d9269b6987
- SSDEEP
  
  768:aBZX+Nzp4mjNx4Ds4l6iE18++uWdB9GBc81f+Iw5BLJUXNPgH9nmscY:aPdc1inuWdB9r8YXPJY2BmscY
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation