General
-
Target
000df2ca85024d0b43d51ac002a3f744_JaffaCakes118
-
Size
23KB
-
Sample
240619-xlbzks1glp
-
MD5
000df2ca85024d0b43d51ac002a3f744
-
SHA1
d0995bfc83c23bc69b0602fe495687b5b5efe495
-
SHA256
f0224d033955896f123481b27a0701894b6f20b97cc4747730fd064080295fc1
-
SHA512
d56f522c027c4bcbb7e14754bd163b0c57cb96ba294ee08455555e801da1c8c006f92c8aa704e656f7d3cb2b0898657368e55ac55e8bbaacab5d44180671c64b
-
SSDEEP
384:/yVlNjtU2eGg45LX0RLbcMYB6+h4N8/rNFu6OLthHgED+ezEZy2mP9:6VlmiavyB6oN0fphHF+OEZyj
Static task
static1
Behavioral task
behavioral1
Sample
000df2ca85024d0b43d51ac002a3f744_JaffaCakes118.dll
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
000df2ca85024d0b43d51ac002a3f744_JaffaCakes118.dll
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
000df2ca85024d0b43d51ac002a3f744_JaffaCakes118
Score
10/10
-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process 1
Windows Service 1
Event Triggered Execution 1
AppInit DLLs 1
Privilege Escalation
Create or Modify System Process 1
Windows Service 1
Event Triggered Execution 1
AppInit DLLs 1