General

  • Target

    d4921750af48eb6e5acbdc3537790e9e_JaffaCakes118

  • Size

    60KB

  • Sample

    240908-rt82ds1cpj

  • MD5

    d4921750af48eb6e5acbdc3537790e9e

  • SHA1

    3d14622cd47becdb73e64c8910924908c3b78a6a

  • SHA256

    53105faaab07e51eb1ed851ec96c25b4ddace61c1a1f292eb4f4dbb624e68664

  • SHA512

    ab6b87fcf07dd477117a9362bae342d56e84443fbe5c86e36d3a89248a72be9c329c260440db8e5fe73432299c64cb48d0b2c0ffe2bbb2774e5f1de4b0938783

  • SSDEEP

    768:IBZX+Nzp4mjNx4Ss4l6iE18++uWdB9GBc81f+Iw5BLJUXNPgH9nmscY:IPdc2inuWdB9r8YXPJY2BmscY

Malware Config

Targets

    • Target

      d4921750af48eb6e5acbdc3537790e9e_JaffaCakes118

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

MITRE ATT&CK Enterprise v15

Tasks