General
-
Target
000f431eddbefcaddef6e2803c39e00e_JaffaCakes118
-
Size
481KB
-
Sample
240619-xl8zbaxbpd
-
MD5
000f431eddbefcaddef6e2803c39e00e
-
SHA1
5fee593b5d9bcf47425e9bf5b6ba5d8dd62e11ae
-
SHA256
a19fb950271cdeb49289fd172b1f2bb3deed41b13f1be9ccd7757a13f6eed04b
-
SHA512
6c3c6685135398c568fd97f2ec3b0363d8805fe498e1c1b35a9ca2e4ae79fadde9e18168830375ae77580191919e733971ce21bf642827dd02f30166a9f7d7b3
-
SSDEEP
384:spdNjtU2OCu5fNOXePYjlML5CKFEDo2Q/EiWTlz6nUsah:spdGVO6+EFKo2QE6nb
Static task
static1
Behavioral task
behavioral1
Sample
000f431eddbefcaddef6e2803c39e00e_JaffaCakes118.dll
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
000f431eddbefcaddef6e2803c39e00e_JaffaCakes118.dll
Resource
win10v2004-20240611-en
Malware Config
Targets
Target
000f431eddbefcaddef6e2803c39e00e_JaffaCakes118
-
Score
10/10
-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
AppInit DLLs: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
AppInit DLLs: 1