General
-
Target
000da55e85f6d4187f0c75166426ffe4_JaffaCakes118
-
Size
26KB
-
Sample
240619-xk4yza1glj
-
MD5
000da55e85f6d4187f0c75166426ffe4
-
SHA1
8221a4b41cc590ffd3c92027b622c6263f0166d9
-
SHA256
c2c4a6d26c75356d2ef857f7222addd09d3bd85f606533a415eec546509ba3e3
-
SHA512
96d87f2592a17dee1dc553fefe7e54506939dea11407941eed9ef57b87e950a057fa28163216c27d0db7824e5755f302602dbcb4a913f8dae228575f1baa7446
-
SSDEEP
384:MidD9d6GAfwjeILYZjgs6zi0k8RCw4vlnnhG+5hKaK94ySyY+OdjARqEOAHzuUi2:5G6ekLo8R3Cpw+5aBJOpeaATuUODS
Static task
static1
Behavioral task
behavioral1
Sample
000da55e85f6d4187f0c75166426ffe4_JaffaCakes118.dll
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
000da55e85f6d4187f0c75166426ffe4_JaffaCakes118.dll
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
000da55e85f6d4187f0c75166426ffe4_JaffaCakes118
Score
10/10
-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
AppInit DLLs (1)
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
AppInit DLLs (1)