General

  • Target

    f0a5cdad1819ca8d31a012e1eb5eed39_JaffaCakes118

  • Size

    36KB

  • Sample

    240921-1a8e7avejl

  • MD5

    f0a5cdad1819ca8d31a012e1eb5eed39

  • SHA1

    f9cae28082eee8e5e39e08d25ab43c058755c387

  • SHA256

    2d57b562f467dae95a45b0fb5bb9c5be34329084df23a6457dcc1bba506f92a9

  • SHA512

    adb0da97a34d138909352d605b74d4575539349270d6deb078d5c70ccfacc1d60e0737623726f542529404afda463f6abcd9a5b00df98ea7417d8926724a37db

  • SSDEEP

    768:wfZd8dJN5kXcyXrCD1tDMByGqnxGm3+2VW:wQdEcyXrC/GsnsIVW

Targets

    • Target

      f0a5cdad1819ca8d31a012e1eb5eed39_JaffaCakes118

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

MITRE ATT&CK Enterprise v15
