General
-
Target
000c81aae87184a9e64fe733f10acd45_JaffaCakes118
-
Size
25KB
-
Sample
240619-xkbbnaxaph
-
MD5
000c81aae87184a9e64fe733f10acd45
-
SHA1
5a6c2ff2bb3723585819d924e496eacb8b15629b
-
SHA256
053294ba88f21e14a2a4ebd9caa43175a0613803f87b75cd233ddfa95f97eaaa
-
SHA512
b23299390127ed402bd7faeba14a46ed79a34f97a6f5126cc055ac4467f814cae9c149c3830f88977d142dfb2faa4923a2777707dcf8b0f20e782fc437ce263b
-
SSDEEP
384:skidD9d6GA7qoJiSemjSVHG3djztEBlD1jA8rDXEecO/v0N3zxI9MOMqL:sxfKe+Om6lFA8FcOGxI9pMa
Malware Config
Targets
-
-
Target
000c81aae87184a9e64fe733f10acd45_JaffaCakes118
-
Size
25KB
-
MD5
000c81aae87184a9e64fe733f10acd45
-
SHA1
5a6c2ff2bb3723585819d924e496eacb8b15629b
-
SHA256
053294ba88f21e14a2a4ebd9caa43175a0613803f87b75cd233ddfa95f97eaaa
-
SHA512
b23299390127ed402bd7faeba14a46ed79a34f97a6f5126cc055ac4467f814cae9c149c3830f88977d142dfb2faa4923a2777707dcf8b0f20e782fc437ce263b
-
SSDEEP
384:skidD9d6GA7qoJiSemjSVHG3djztEBlD1jA8rDXEecO/v0N3zxI9MOMqL:sxfKe+Om6lFA8FcOGxI9pMa
Score10/10-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1