General

  • Target

    74cdce1e432b9fec46dce1a02c33c392_JaffaCakes118

  • Size

    36KB

  • Sample

    240726-ttwgeayfnk

  • MD5

    74cdce1e432b9fec46dce1a02c33c392

  • SHA1

    d43a51f85d4f51213a75039d284906901794d6d8

  • SHA256

    7b32333c3df57f032da133a0c624074653b080de84ace417e3a973e3864a5fc1

  • SHA512

    5e1826a8c2c5d8b4e310052468592dba07d6df30bbb45d9c5f2a805554980240abc836a69346d4e86ca0294e161df5615fb1a1a98dd088c9e35bc78dc94241b4

  • SSDEEP

    768:8jgiGxy+iC146BDRK97J3+ZFWo2iU+DaLW:YMy+hQYFWuaLW

Malware Config

Targets

    • Target

      74cdce1e432b9fec46dce1a02c33c392_JaffaCakes118

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

MITRE ATT&CK Enterprise v15

Tasks