Overview

overview

8

Static

static

3

495f79d8a5...18.dll

windows7-x64

8

495f79d8a5...18.dll

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    495f79d8a5946d83d64be1ddfc200c34_JaffaCakes118

  • Size

    36KB

  • Sample

    240715-meg7xavajc

  • MD5

    495f79d8a5946d83d64be1ddfc200c34

  • SHA1

    87d6be602b64368ee28e590055ce4bf97f714beb

  • SHA256

    a50a330d7f10b8169574fbecbff8d8a596fd2a04c04ab71d923e6faf57a41b8b

  • SHA512

    7563746bc87f53cd08c62df30ed955553d86459b15879ffa518de73858419eb5174060afaf2f49420809261cc139737e1eb6fab3dc2a7602d58eacc109437896

  • SSDEEP

    384:gOgGIbRJpai9c49Wigp5/y+ixe1+B6BDR+v+I7J3SvwKF58o2iU+:wjgiGxy+is1M6BDRK97J3+ZFWo2iU+

Score
8/10
persistenceprivilege_escalation

Malware Config

Targets

    • Target

      495f79d8a5946d83d64be1ddfc200c34_JaffaCakes118

    • Size

      36KB

    • MD5

      495f79d8a5946d83d64be1ddfc200c34

    • SHA1

      87d6be602b64368ee28e590055ce4bf97f714beb

    • SHA256

      a50a330d7f10b8169574fbecbff8d8a596fd2a04c04ab71d923e6faf57a41b8b

    • SHA512

      7563746bc87f53cd08c62df30ed955553d86459b15879ffa518de73858419eb5174060afaf2f49420809261cc139737e1eb6fab3dc2a7602d58eacc109437896

    • SSDEEP

      384:gOgGIbRJpai9c49Wigp5/y+ixe1+B6BDR+v+I7J3SvwKF58o2iU+:wjgiGxy+is1M6BDRK97J3+ZFWo2iU+

    Score
    8/10
    persistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks