General
-
Target
000ca69fca207525041e5399dbfea935_JaffaCakes118
-
Size
21KB
-
Sample
240619-xkgtfaxaqb
-
MD5
000ca69fca207525041e5399dbfea935
-
SHA1
456082c54ba68439ccf718297384f507c21f177b
-
SHA256
bad0e3ef1814c2247307a89ba75b20771dafd24eb31e3b8ccd6527f16075bf32
-
SHA512
b135dcba5c93725f7da541335381c68f405dcc070605f59045f1878ecd1d211e0108e473082f4fdf14911a72da4eba32cd2a8de7ec598f387cef8bcf97f67655
-
SSDEEP
384:xPyZNjtU2mC45TF0zkFXtJ2k1PjXIDEzKDzEFPrVT2:pyZDKTFdx1b4wzCEFPrs
Static task
static1
Behavioral task
behavioral1
Sample
000ca69fca207525041e5399dbfea935_JaffaCakes118.dll
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
000ca69fca207525041e5399dbfea935_JaffaCakes118.dll
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
000ca69fca207525041e5399dbfea935_JaffaCakes118
-
Size
21KB
-
MD5
000ca69fca207525041e5399dbfea935
-
SHA1
456082c54ba68439ccf718297384f507c21f177b
-
SHA256
bad0e3ef1814c2247307a89ba75b20771dafd24eb31e3b8ccd6527f16075bf32
-
SHA512
b135dcba5c93725f7da541335381c68f405dcc070605f59045f1878ecd1d211e0108e473082f4fdf14911a72da4eba32cd2a8de7ec598f387cef8bcf97f67655
-
SSDEEP
384:xPyZNjtU2mC45TF0zkFXtJ2k1PjXIDEzKDzEFPrVT2:pyZDKTFdx1b4wzCEFPrs
Score10/10-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1