General
-
Target
000d440b446357bb1a256aa5d500717a_JaffaCakes118
-
Size
23KB
-
Sample
240619-xkswps1gjp
-
MD5
000d440b446357bb1a256aa5d500717a
-
SHA1
8b10ffd70478ef0c368cdf7ec819a4611006f6b6
-
SHA256
a01648af929ae0de24b76f2233ffed42cddd81ba4849308df26ddb2bbec637fd
-
SHA512
4cd893b880e85874741147e86f7ebb5f472217913fa8b230b48ba3decb629bbe60528795ca43f86ae5bf28f120b256dd930d0c9042b14f2596e57960feca7ff4
-
SSDEEP
384:rPyZNjtU2mWoJnKZltinOf1oTnahNuTWjPMrzxNDeFk:zyZnHTNo2NmGPOxNDkk
Static task
static1
Behavioral task
behavioral1
Sample
000d440b446357bb1a256aa5d500717a_JaffaCakes118.dll
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
000d440b446357bb1a256aa5d500717a_JaffaCakes118.dll
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
000d440b446357bb1a256aa5d500717a_JaffaCakes118
-
Size
23KB
-
MD5
000d440b446357bb1a256aa5d500717a
-
SHA1
8b10ffd70478ef0c368cdf7ec819a4611006f6b6
-
SHA256
a01648af929ae0de24b76f2233ffed42cddd81ba4849308df26ddb2bbec637fd
-
SHA512
4cd893b880e85874741147e86f7ebb5f472217913fa8b230b48ba3decb629bbe60528795ca43f86ae5bf28f120b256dd930d0c9042b14f2596e57960feca7ff4
-
SSDEEP
384:rPyZNjtU2mWoJnKZltinOf1oTnahNuTWjPMrzxNDeFk:zyZnHTNo2NmGPOxNDkk
Score10/10-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1