General
-
Target
0005fa09f75fbe61ceb58f8f5e429bf4_JaffaCakes118
-
Size
514KB
-
Sample
240619-xeglgs1dqp
-
MD5
0005fa09f75fbe61ceb58f8f5e429bf4
-
SHA1
09497095f4d622f6660a8cb6c024b0eb792effe7
-
SHA256
a745399d49c6276b06e6ca7566a1368b83023d189697c344d9545655fffba42f
-
SHA512
efeefe1f78b80007f6a16de187e5fda8f6377c6cf2f98afca03cf129de17f47eb4f7c175aff4e87f9ed7ea51c680965ac76ccc0495cf02c196489f069e8c3ab3
-
SSDEEP
384:xdD9d6G4KwTrzMCZklLkvzy9dkdtKwKGaF1VHtFj5hAjme3EAig4MvYzXtrC4kHE:xrkXMCZkvGt3EVNVkmeKMv4Xt+lHE
Malware Config
Targets
-
-
Target
0005fa09f75fbe61ceb58f8f5e429bf4_JaffaCakes118
-
Size
514KB
-
MD5
0005fa09f75fbe61ceb58f8f5e429bf4
-
SHA1
09497095f4d622f6660a8cb6c024b0eb792effe7
-
SHA256
a745399d49c6276b06e6ca7566a1368b83023d189697c344d9545655fffba42f
-
SHA512
efeefe1f78b80007f6a16de187e5fda8f6377c6cf2f98afca03cf129de17f47eb4f7c175aff4e87f9ed7ea51c680965ac76ccc0495cf02c196489f069e8c3ab3
-
SSDEEP
384:xdD9d6G4KwTrzMCZklLkvzy9dkdtKwKGaF1VHtFj5hAjme3EAig4MvYzXtrC4kHE:xrkXMCZkvGt3EVNVkmeKMv4Xt+lHE
Score10/10-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1