Overview

overview

8

Static

static

3

a31c19a632...18.dll

windows7-x64

8

a31c19a632...18.dll

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    a31c19a632026a4e5261aa555b1e9a0a_JaffaCakes118

  • Size

    36KB

  • Sample

    240817-sz1smswbrj

  • MD5

    a31c19a632026a4e5261aa555b1e9a0a

  • SHA1

    8bce198154aeda5d498e96d13f0f9083c6da38a7

  • SHA256

    3ae206051d9b938269b369509e4a2f1d001347619d04ee1e6448472fbb1e78c5

  • SHA512

    6bdc23b3901297dad80f022dbae4baad627b7e5e5fc9f017d45da1b06731915d9db8ad4f7ebad21a31aec04f21c7ee1e9c6abc76a25f494380e57fb4352299b0

  • SSDEEP

    768:hfZd8dJN5kXcyXrCD1tDMByGqnxGm3+2VWSaLW:hQdEcyXrC/GsnsIVWSaLW

Score
8/10
discoverypersistenceprivilege_escalation

Malware Config

Targets

    • Target

      a31c19a632026a4e5261aa555b1e9a0a_JaffaCakes118

    • Size

      36KB

    • MD5

      a31c19a632026a4e5261aa555b1e9a0a

    • SHA1

      8bce198154aeda5d498e96d13f0f9083c6da38a7

    • SHA256

      3ae206051d9b938269b369509e4a2f1d001347619d04ee1e6448472fbb1e78c5

    • SHA512

      6bdc23b3901297dad80f022dbae4baad627b7e5e5fc9f017d45da1b06731915d9db8ad4f7ebad21a31aec04f21c7ee1e9c6abc76a25f494380e57fb4352299b0

    • SSDEEP

      768:hfZd8dJN5kXcyXrCD1tDMByGqnxGm3+2VWSaLW:hQdEcyXrC/GsnsIVWSaLW

    Score
    8/10
    discoverypersistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks