General
-
Target
000973f40e82167b43cd78c6675b58dc_JaffaCakes118
-
Size
23KB
-
Sample
240619-xhe7tswhqf
-
MD5
000973f40e82167b43cd78c6675b58dc
-
SHA1
81f61a15556e9e29478ab379820406ea33c3753c
-
SHA256
04e3b3032c6c828930c00703f328cbe4adb4d80bcf3f6d2bcd574cd9e62b61d9
-
SHA512
42b56f56b29c3e89379e6e233ab860b9b37bb66ddd90bd8f1432a7f218a1ceb81f456bb7a6a9129a9d851634cd0cbb3d18f147804c60dcdd08fae7c0f91238a6
-
SSDEEP
384:7PyZNjtU2mC45TW9+lGdtmq0Dj2OmcMa3EklUzEFqzt66:jyZDKrsTMcLazl0EFqztf
Static task
static1
Behavioral task
behavioral1
Sample
000973f40e82167b43cd78c6675b58dc_JaffaCakes118.dll
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
000973f40e82167b43cd78c6675b58dc_JaffaCakes118.dll
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
000973f40e82167b43cd78c6675b58dc_JaffaCakes118
-
Size
23KB
-
MD5
000973f40e82167b43cd78c6675b58dc
-
SHA1
81f61a15556e9e29478ab379820406ea33c3753c
-
SHA256
04e3b3032c6c828930c00703f328cbe4adb4d80bcf3f6d2bcd574cd9e62b61d9
-
SHA512
42b56f56b29c3e89379e6e233ab860b9b37bb66ddd90bd8f1432a7f218a1ceb81f456bb7a6a9129a9d851634cd0cbb3d18f147804c60dcdd08fae7c0f91238a6
-
SSDEEP
384:7PyZNjtU2mC45TW9+lGdtmq0Dj2OmcMa3EklUzEFqzt66:jyZDKrsTMcLazl0EFqztf
Score10/10-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1