General

  • Target

    ec0899269b0be35cc98782dd41d11fc0_JaffaCakes118

  • Size

    60KB

  • Sample

    240919-x4994awcrh

  • MD5

    ec0899269b0be35cc98782dd41d11fc0

  • SHA1

    2bc2931546b45a40f2a1edd87ab616e963f0390a

  • SHA256

    6152244ead57a87840677861b21c2171e3e3312727c20693da177be00d01fe3f

  • SHA512

    ad9b5f03f11808f616f2d5e5a042e34a12f74f505c4d7bb0af3fb17e8f52c0679347189dc3ac27c98faf6e204aacb46e7c9f854182bd7e8accb5f8ea183588e5

  • SSDEEP

    768:CBZX+Nzp4mjNx4Ds4l6iE18++uWdB9GBc81f+Iw5BLJUXNPgH9nmscY:CPdc1inuWdB9r8YXPJY2BmscY

Malware Config

Targets

    • Target

      ec0899269b0be35cc98782dd41d11fc0_JaffaCakes118

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

MITRE ATT&CK Enterprise v15
