General

  • Target

    ac27678f26e6ee590c2cf1ee2052ed35_JaffaCakes118

  • Size

    60KB

  • Sample

    240819-xfpcqazeqa

  • MD5

    ac27678f26e6ee590c2cf1ee2052ed35

  • SHA1

    3cf1ebc9f487bcb7bf4f0216216ab44b514c61e2

  • SHA256

    cba61014e7f0468d48cedf1f03dc03b3f190de91bf92edd57f93fa69b9b5f1a9

  • SHA512

    1c8f44fe4bb2c5b94f09b8e9814adc892f0f1c00583673a4a442f10a293746dda71aae5b58a4d522faa57cb9496b0b3247afebea10381639a421567d84865ea1

  • SSDEEP

    768:jBZX+Nzp4mjNx4Ds4l6iE18++uWdB9GBc81f+Iw5BLJUXNPgH9nmscY:jPdc1inuWdB9r8YXPJY2BmscY

Targets

    • Target

      ac27678f26e6ee590c2cf1ee2052ed35_JaffaCakes118

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
