General
Target
000f5e2e3222dcfad7c7d6b7114f8ac6_JaffaCakes118
Size
23KB
Sample
240619-xmbefaxbpf
MD5
000f5e2e3222dcfad7c7d6b7114f8ac6
SHA1
394c3d26c2adcce9a7e7f25ddcb7c074028f43ea
SHA256
2ca33b70d70e44323e6fccf44fe9fc249a515fd2f450239576b5339d3899afc0
SHA512
f22ad846c1b73eb96defdbfcf4649b0b46401953da4b7b1b5256ec38c56732e8e72839c5d40234ff162629141f2658cec0f7165b9f52866b2d93aaadc8451940
SSDEEP
384:hyVlNjtU2eepYEkolZyqrqmQjXyMrYVij5NRECI4E7zEFEAUR2mAJ:EVlTVlZ9iiqYk5N9IvXEFEAO8
Static task
static1
Behavioral task
behavioral1
Sample
000f5e2e3222dcfad7c7d6b7114f8ac6_JaffaCakes118.dll
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
000f5e2e3222dcfad7c7d6b7114f8ac6_JaffaCakes118.dll
Resource
win10v2004-20240508-en
Malware Config
Targets
Target
000f5e2e3222dcfad7c7d6b7114f8ac6_JaffaCakes118
Score
10/10
Modifies firewall policy service
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
AppInit DLLs (1)
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
AppInit DLLs (1)