General

  • Target

    85a582274d6dde209388515cff4779be_JaffaCakes118

  • Size

    36KB

  • Sample

    240810-lvw6bsyfkd

  • MD5

    85a582274d6dde209388515cff4779be

  • SHA1

    d9d094b45ee112bdf6d47813e1d47564ef4cb00a

  • SHA256

    a24b987175b267fb2f4c445245e07c1665423916ccf91027dd231ee733a04162

  • SHA512

    419ecf88d75e434e655afbe65eaf5b63ab4f8a72a7d7a8ff3d9d3fa14004a900582abb3bc28defedfbcf9a20b12fa6f2841834dd5c39e5094b72b1258ea5cec4

  • SSDEEP

    768:VjgiGxy+iC146BDRK97J3+ZFWo2iU+DaLW:tMy+hQYFWuaLW

Malware Config

Targets

    • Target

      85a582274d6dde209388515cff4779be_JaffaCakes118

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

MITRE ATT&CK Enterprise v15

Tasks