Overview

overview

8

Static

static

3

bd707b3fd1...18.dll

windows7-x64

8

bd707b3fd1...18.dll

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bd707b3fd1a44deb1e584e09bd32398b_JaffaCakes118

  • Size

    60KB

  • Sample

    240823-2kcxps1dnc

  • MD5

    bd707b3fd1a44deb1e584e09bd32398b

  • SHA1

    dad8e69936b2ce298c25df822723e2ef43bec15e

  • SHA256

    43456caa64812ad21926bac9bf30cc6c816b60e1653c7e3f0cb1c201479d6a2d

  • SHA512

    3b1be3f8778a6956d06337d29dff01c8267600f7024eda34dac6ea796c5da071aca87b95a2d5d9a9d2ecbb2022024ed22e34eda6b813ebdc326f5863e9ac496b

  • SSDEEP

    768:hBZX+Nzp4mjNx4Ds4l6iE18++uWdB9GBc81f+Iw5BLJUXNPgH9nmscY:hPdc1inuWdB9r8YXPJY2BmscY

Score
8/10
discoverypersistenceprivilege_escalation

Malware Config

Targets

    • Target

      bd707b3fd1a44deb1e584e09bd32398b_JaffaCakes118

    • Size

      60KB

    • MD5

      bd707b3fd1a44deb1e584e09bd32398b

    • SHA1

      dad8e69936b2ce298c25df822723e2ef43bec15e

    • SHA256

      43456caa64812ad21926bac9bf30cc6c816b60e1653c7e3f0cb1c201479d6a2d

    • SHA512

      3b1be3f8778a6956d06337d29dff01c8267600f7024eda34dac6ea796c5da071aca87b95a2d5d9a9d2ecbb2022024ed22e34eda6b813ebdc326f5863e9ac496b

    • SSDEEP

      768:hBZX+Nzp4mjNx4Ds4l6iE18++uWdB9GBc81f+Iw5BLJUXNPgH9nmscY:hPdc1inuWdB9r8YXPJY2BmscY

    Score
    8/10
    discoverypersistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks