General

  • Target

    bdcd00273ab43b2b50fe8cf2db24b196_JaffaCakes118

  • Size

    76KB

  • Sample

    240824-cjnv5szfjh

  • MD5

    bdcd00273ab43b2b50fe8cf2db24b196

  • SHA1

    0dfcf40717858e76e6a088071f3645e2d4437312

  • SHA256

    202d475e65ff352d9f44a4961e00433bce765473cc364fd6c158f9327c273ec1

  • SHA512

    50d9142c7e196804a86242c337098908d32627aefd6c845f45b07e2ccab530d0bbc9fa12750aecc4a6790c12665668620283cc289f47f5c2e25ba0c2e4f61079

  • SSDEEP

    1536:nPVXc2ieNWzTy+c3FXKQmJ7Ugo+c0Qw1ci:ndX3NWS+0cRUgo+cici

Malware Config

Targets

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v15

Tasks