General

  • Target

    dd4fb07e68b0cc8695aadb3a79ac9aeb_JaffaCakes118

  • Size

    64KB

  • Sample

    240913-ane3patdkl

  • MD5

    dd4fb07e68b0cc8695aadb3a79ac9aeb

  • SHA1

    0461479f28f93ee898934e9cc2e6213266307d3d

  • SHA256

    aef4a95da566088dab27a8f635a452d02c58c332ba66dda36a27bba67eaa5629

  • SHA512

    d07eca5c5c6afec799677bc8c0a244540586afc15b8038c8a87b4914123fbe9b7cbdf59d0c7971b53beb294af2ce63f7dddd27c82bacb42d60d52c448c0460b1

  • SSDEEP

    768:ZBZRFIzD/mjNgXFVdl6ih18ORsWsDL6KhjWCpRI+CTnQIItL2FN9wBq+a:ZPCcdiZsWmFZRIxOL2FN9ara

Targets

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
