General

  • Target

    b83fde71fd7d63c8a907114641f4a68e_JaffaCakes118

  • Size

    32KB

  • Sample

    240822-tes3qswalc

  • MD5

    b83fde71fd7d63c8a907114641f4a68e

  • SHA1

    dbbfb028b8fccc89e18db2c3f666123354958939

  • SHA256

    6b854361f4534eb02c4e9d74def881965d7659cc2569b6e880b7e084828d5174

  • SHA512

    b52246e14583908ee2b32a4e981793709d22ef9a0467eb1da7d45619bbc4a255de332c17583b95649b907b6b1dbd5e384fc75718399de42f078c21440a684086

  • SSDEEP

    384:P42gBxKR91pL5s4VmWsK6M7XLPPmpzC5zL1WwW958T+w:P+oLyK6M7LmRozL1WJ9WKw

Targets

    • Target

      b83fde71fd7d63c8a907114641f4a68e_JaffaCakes118

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
