General
-
Target
0007df2551792f4e2cf7fecac141a858_JaffaCakes118
-
Size
23KB
-
Sample
240619-xfwf2awhjh
-
MD5
0007df2551792f4e2cf7fecac141a858
-
SHA1
1002baabba2508cf48df3f16acdc461deb7f3c5b
-
SHA256
9aef208d1c1ec84cfc4819c3d1a6ba9361c9643d39bc56c5850c8ec822e71395
-
SHA512
0c7229ccf237240d79c90d57b589ecb7e40cf0778c953173f77a17fcfff91c00891eea0ed34c8518b7dab42dd8c98982dadc8c5eea9ebc3073ceb13e4b1bf81d
-
SSDEEP
384:VidD9d6GArG45TH/t52oTtZaeFMMjMfOlEZx1zEFpYHmSX:UDKaoZdFVM2o3EFpYHmK
Static task
static1
Behavioral task
behavioral1
Sample
0007df2551792f4e2cf7fecac141a858_JaffaCakes118.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
0007df2551792f4e2cf7fecac141a858_JaffaCakes118.dll
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
0007df2551792f4e2cf7fecac141a858_JaffaCakes118
-
Size
23KB
-
MD5
0007df2551792f4e2cf7fecac141a858
-
SHA1
1002baabba2508cf48df3f16acdc461deb7f3c5b
-
SHA256
9aef208d1c1ec84cfc4819c3d1a6ba9361c9643d39bc56c5850c8ec822e71395
-
SHA512
0c7229ccf237240d79c90d57b589ecb7e40cf0778c953173f77a17fcfff91c00891eea0ed34c8518b7dab42dd8c98982dadc8c5eea9ebc3073ceb13e4b1bf81d
-
SSDEEP
384:VidD9d6GArG45TH/t52oTtZaeFMMjMfOlEZx1zEFpYHmSX:UDKaoZdFVM2o3EFpYHmK
Score10/10-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1