General
-
Target
000de1b6375f59abc659ef6a779e5a12_JaffaCakes118
-
Size
21KB
-
Sample
240619-xk88paxbkc
-
MD5
000de1b6375f59abc659ef6a779e5a12
-
SHA1
9b7f63ca81118b2d2d9b691a212158d7d2b4dce7
-
SHA256
28fea6abb5c54c3340a330f2d8e77a0ca346cd5cd8b8ff0ac1cd216018ee13ef
-
SHA512
6e5a9f0a228e74ddef54017526807206c02ce38a3fbfa337d5983c5bc90008f261255fbe08fc8efc1d8a70cc450072c9acafb6b0fe38b73f0b85dfa2ce12b2ad
-
SSDEEP
384:VlyVlNjtU2eKlIG7vnW+liYMUMhEP+DIJ8/6i6zEZEi4+:VYVljBvrliKJJ8/P6EZEiZ
Static task
static1
Behavioral task
behavioral1
Sample
000de1b6375f59abc659ef6a779e5a12_JaffaCakes118.dll
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
000de1b6375f59abc659ef6a779e5a12_JaffaCakes118.dll
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Target
000de1b6375f59abc659ef6a779e5a12_JaffaCakes118
-
Score
10/10
-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
AppInit DLLs: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
AppInit DLLs: 1