General

  • Target

    dd7a47b0582b8b6166000ed05f977415_JaffaCakes118

  • Size

    36KB

  • Sample

    240913-ct5lmszbje

  • MD5

    dd7a47b0582b8b6166000ed05f977415

  • SHA1

    4b0bb3c025d9e2d17dffec50afafc8b8a7db534f

  • SHA256

    78f959d40b2f9ef8702e9e4fdd46cc44cd436f1648b89f9e34e90e9ed35d7739

  • SHA512

    6ca03309ccdf28c1a170370a3c0ac56b4546fac7886645a10bb791bf0a4654d286bba383390a5a49cc2b0d6524a25d406560ffe5e61ebb5961c813a44781f902

  • SSDEEP

    768:IjgiGxy+iC146BDRK97J3+ZFWo2iU+DaLW:8My+hQYFWuaLW

Targets

    • Target

      dd7a47b0582b8b6166000ed05f977415_JaffaCakes118

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
