General

  • Target

    842b94cc3346df05e6094cf3040f03e4_JaffaCakes118

  • Size

    36KB

  • Sample

    240810-aycqbaxcpp

  • MD5

    842b94cc3346df05e6094cf3040f03e4

  • SHA1

    254d479142fa6c0f2c183f3077646ba855dc97d1

  • SHA256

    f05c2f1875bbd7279cc756f9092908b7ffaa24876ed1faa6b13cd05ebba6a3ca

  • SHA512

    5b4098c36d7d1a237b5a98de3cf62fb1a2c78ba06d31c6324f56978e7a54178e2d43ed6629f67714d7657c24a0992c23796b8c6e65ec4c9385d4a9e948ee4519

  • SSDEEP

    768:CfZ2YidJN5kXcyXrCD1tDMByGqnxGm3+IdW:CedEcyXrC/GsnsGdW

Malware Config

Targets

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

MITRE ATT&CK Enterprise v15

Tasks