General
-
Target
0004cdd48597bf8f6555e75a70b3f459_JaffaCakes118
-
Size
23KB
-
Sample
240619-xdmfcawfqc
-
MD5
0004cdd48597bf8f6555e75a70b3f459
-
SHA1
bda48a3e43ae5287ff51d4710c334c3ca48cc6b4
-
SHA256
a10aed5a9614b64d00b78def1a2d2b53b78298d374c7adac6ca8c02f35348f93
-
SHA512
3869668e427f767a0f7b13c27fdb443cb8ee4097cf71c0a8cf43157207885594a82e7276b5dc8ad082799f37a602def172ddd3e39725edec2af3361265595dec
-
SSDEEP
384:kidD9d6GA2ywjeILk1rqDR7CSBFMsTS2Wapn54B99eKaK94ySyFVsnhj+lD8ozEj:xW6ek/DYSzT/pn54B9zBFVst+lD8oEcO
Static task
static1
Behavioral task
behavioral1
Sample
0004cdd48597bf8f6555e75a70b3f459_JaffaCakes118.dll
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
0004cdd48597bf8f6555e75a70b3f459_JaffaCakes118.dll
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
0004cdd48597bf8f6555e75a70b3f459_JaffaCakes118
Score
10/10
-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
AppInit DLLs (1)
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
AppInit DLLs (1)