General

  • Target

    a96ce2524df5f01f9e65d6a4e105e446_JaffaCakes118

  • Size

    36KB

  • Sample

    240819-d5mqmssbnd

  • MD5

    a96ce2524df5f01f9e65d6a4e105e446

  • SHA1

    eb88c9affe2286989ddd15ce9431bf18cb8983ff

  • SHA256

    7f539d4a2c40b41488283c4a0a48ffeec5484a376b0015a86b6b6f0589c66680

  • SHA512

    be90ca3d8f6042c10634f43a83725c6850b2b480c1e4eb0e2d98e45d76538447aa360dc3c1605b2259704a50216c6c52c9b1e47068679517f07fdaa7ee3ddebf

  • SSDEEP

    768:fjgiGxy+iC146BDRK97J3+ZFWo2iU+DIt8:bMy+hQYFWuIt8

Malware Config

Targets

    • Target

      a96ce2524df5f01f9e65d6a4e105e446_JaffaCakes118

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

MITRE ATT&CK Enterprise v15