General
-
Target
000ed345555cac822af47bb62790d43b_JaffaCakes118
-
Size
22KB
-
Sample
240619-xl1myaxbnd
-
MD5
000ed345555cac822af47bb62790d43b
-
SHA1
b88ed6e771bff0a24c8b10012512cce32e2c1a90
-
SHA256
8d0a51e82d74276237f56e1ce0fe407fbaf2b924bcbc6961b89f47212de219dd
-
SHA512
07eec844fabce91eb0b58b6b02c83fe563967efc4b3e337202c2f10c32392b5d5f44ba52518d2b58d7480fd1d0f5164e0c0aedd9ba3d30966c6182ff00ea8de5
-
SSDEEP
384:ByVlNjtU2eRlAbAV8CzQ+YxM6ZjzEarYnjgeL8+0E6miTmzE7HjUIO8fCR:kVlSdbQZAgYjg08+YZWE7HjUeKR
Static task
static1
Behavioral task
behavioral1
Sample
000ed345555cac822af47bb62790d43b_JaffaCakes118.dll
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
000ed345555cac822af47bb62790d43b_JaffaCakes118.dll
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
000ed345555cac822af47bb62790d43b_JaffaCakes118
-
Size
22KB
-
MD5
000ed345555cac822af47bb62790d43b
-
SHA1
b88ed6e771bff0a24c8b10012512cce32e2c1a90
-
SHA256
8d0a51e82d74276237f56e1ce0fe407fbaf2b924bcbc6961b89f47212de219dd
-
SHA512
07eec844fabce91eb0b58b6b02c83fe563967efc4b3e337202c2f10c32392b5d5f44ba52518d2b58d7480fd1d0f5164e0c0aedd9ba3d30966c6182ff00ea8de5
-
SSDEEP
384:ByVlNjtU2eRlAbAV8CzQ+YxM6ZjzEarYnjgeL8+0E6miTmzE7HjUIO8fCR:kVlSdbQZAgYjg08+YZWE7HjUeKR
Score10/10-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1