General

  • Target

    e145d22cec5d71abb9054ac8af215674_JaffaCakes118

  • Size

    32KB

  • Sample

    240914-3qyxsstekj

  • MD5

    e145d22cec5d71abb9054ac8af215674

  • SHA1

    789be7e2e2b78686da89c5e566e9fd3e5f983b6f

  • SHA256

    3da45d53e49cb2e32d5ffb48868b3f3b441ba08295462d81ecd23623d3ecf6d2

  • SHA512

    6c5f32de0842ddc77564951ff02c3adc01f1a32bf008bf88da84c2bf2f9c58b341246202cd3311c9bc551747df0f1a5864e613bd78d5beefc742068cbe62f7c0

  • SSDEEP

    384:h4/Robx06RS1pL5s4VmWsK6M7XLPPmpzS5zE1WwSP58M1nmw:hlujLyK6M7LmRYzE1WpPWxw

Targets

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
