General
Target: 000ec5747200add44c8507bb10aaad5b_JaffaCakes118
Size: 513KB
Sample: 240619-xly44s1gnp
MD5: 000ec5747200add44c8507bb10aaad5b
SHA1: c64d347e9bdae3dfb4716399080635b7c65ceea3
SHA256: 12f2276a1acbe5ce65708817de2669cc53efb64d6bce2a9d8658506f2010e43a
SHA512: ac434ec663bd595722767f2f30d4050313e4e040cffeef8e5316d20ec58a3c745f2aa4b0cd5408b8f85e4234bdda9b58a245cada1261b8b52ba78d9e77a625ad
SSDEEP: 384:32idD9d6GAH64ML/SQfx2eqt9ZVXvbcAP5vwRes5e1jMtpEP6C3pzvtdNH16n:/rTGmHqLZVDcyfxMnC9vtdDa
Static task: static1
Behavioral task: behavioral1
  Sample: 000ec5747200add44c8507bb10aaad5b_JaffaCakes118.dll
  Resource: win7-20240611-en
Behavioral task: behavioral2
  Sample: 000ec5747200add44c8507bb10aaad5b_JaffaCakes118.dll
  Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 000ec5747200add44c8507bb10aaad5b_JaffaCakes118
Score: 10/10
Modifies firewall policy service
Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
  Create or Modify System Process (1)
    Windows Service (1)
  Event Triggered Execution (1)
    AppInit DLLs (1)
Privilege Escalation
  Create or Modify System Process (1)
    Windows Service (1)
  Event Triggered Execution (1)
    AppInit DLLs (1)