General

  • Target

    dcfafdae6843f0d5f4f63c4b237849cb_JaffaCakes118

  • Size

    64KB

  • Sample

    240912-y2bt7asdll

  • MD5

    dcfafdae6843f0d5f4f63c4b237849cb

  • SHA1

    2c956d278c2deb62701fcd20dbdb63716d5b04cf

  • SHA256

    a720043d6be3ed0de5f15661b6c9c006eb0f266e598272d0af11a151b24f0c2a

  • SHA512

    2e3f2bf541c372dcc0a47224ff35f924358e9fb791c19b6758e926567c50c26f27d6b49bc22c9e779927c70888844d5038bfcbb656af7f968bb13c4a44869cd9

  • SSDEEP

    768:BBZGFIzzF1/mjNgXFVdl6ih18TRZWsArsglR9kAX6ge6MLZfOnsXE09hLdX5hBa:BPdpcdiQZWpL9kAqge68lvra

Targets

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
