General
-
Target
00afacbe54af0decd882cae44405c85d_JaffaCakes118
-
Size
270KB
-
Sample
240619-1m56latamh
-
MD5
00afacbe54af0decd882cae44405c85d
-
SHA1
06e04169b5d4d93a04bf5523266faac3cfcb34fc
-
SHA256
82eb8160bac99e44d74076395d9b5127af7123b0a78cec7d87a629c0c8a15001
-
SHA512
6a7e1f171346afd42e90c46e3f971b7de25934c590501b6c2978971ed44e6118ef558bcaf9ca41266300934e558b66fbd179d3d7f993f380f8bd947dd82ec02c
-
SSDEEP
384:TidD9d6GACjAECb1h+FbEBtTROcSsOhAwj9XsEi9AoCZzOexDVKd8Q07d:GLD+1hOUyR9XIoOexDIqB7
Malware Config
Targets
-
-
Target
00afacbe54af0decd882cae44405c85d_JaffaCakes118
-
Size
270KB
-
MD5
00afacbe54af0decd882cae44405c85d
-
SHA1
06e04169b5d4d93a04bf5523266faac3cfcb34fc
-
SHA256
82eb8160bac99e44d74076395d9b5127af7123b0a78cec7d87a629c0c8a15001
-
SHA512
6a7e1f171346afd42e90c46e3f971b7de25934c590501b6c2978971ed44e6118ef558bcaf9ca41266300934e558b66fbd179d3d7f993f380f8bd947dd82ec02c
-
SSDEEP
384:TidD9d6GACjAECb1h+FbEBtTROcSsOhAwj9XsEi9AoCZzOexDVKd8Q07d:GLD+1hOUyR9XIoOexDIqB7
Score10/10-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1