General

  • Target

    4522dbb8d158e075d4ef58f4bd80c01d_JaffaCakes118

  • Size

    36KB

  • Sample

    240714-kwfdjawfqa

  • MD5

    4522dbb8d158e075d4ef58f4bd80c01d

  • SHA1

    c5da46cc2d4a9878d2295cbf74a2986490cf87e7

  • SHA256

    19932c9968ef78ea314b65ddb7d753662475fae22dbbc86d42f43625c6298e29

  • SHA512

    67ab9c70834dd12f7be72696ae9a53239fb9d8c29f3a15b056ba9f1289bfdb6b5fe7e8c18e917897b8b165aaaa91d3fe6f003b858331dd2527b6057890d70588

  • SSDEEP

    768:yfZd8dJN5kXcyXrCD1tDMByGqnxGm3+2VWSaLW:yQdEcyXrC/GsnsIVWSaLW

Targets

    • Target

      4522dbb8d158e075d4ef58f4bd80c01d_JaffaCakes118

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
