General

  • Target

    95188255126891ee4938cf94b10e2129_JaffaCakes118

  • Size

    36KB

  • Sample

    240814-hy1q5stfrk

  • MD5

    95188255126891ee4938cf94b10e2129

  • SHA1

    b7247b2e5ebd304d360a17b2b07361ca3ca082c2

  • SHA256

    a84f59dcd081e0c1073cc0238759541b4baf0591308343ecbba917d5852fd864

  • SHA512

    600fd6b0bb75b5395c0e63e8fe6ba12e627a00ae83755d06b41ab17f8a7ef8584fe4819276cf47982193a3fd0f85b7e3dc45b82b9a23e9068a3424605c32fce9

  • SSDEEP

    768:afZ2YidJN5kXcyXrCD1tDMByGqnxGm3+IdW:aedEcyXrC/GsnsGdW

Targets

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

MITRE ATT&CK Enterprise v15