General
-
Target
000f63f8a246ca43134d15df5e8a2d05_JaffaCakes118
-
Size
392KB
-
Sample
240619-xmcbqs1gpq
-
MD5
000f63f8a246ca43134d15df5e8a2d05
-
SHA1
31d9f267fdd7a1e75b416a7b05b8dc96018ba7ac
-
SHA256
c062c16cf3db63c9cdd5d24bd66404c7cb57339a77d98dcff105806fc7ad75af
-
SHA512
5de842679cc094a861810003b496f0676724b90d268bb4c897fd5d878660b8998d8954d96c47ac7df71e47f663638d2d44f7a6b38a1d4617fa65b5d8c7fdad75
-
SSDEEP
384:GidD9d6GAr+4JPr1MVa06K96gS0Av6icErLUj6IECKySMzEWaoH:/LO1NKTpnaXU6z5sEWao
Static task
static1
Behavioral task
behavioral1
Sample
000f63f8a246ca43134d15df5e8a2d05_JaffaCakes118.dll
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
000f63f8a246ca43134d15df5e8a2d05_JaffaCakes118.dll
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
000f63f8a246ca43134d15df5e8a2d05_JaffaCakes118
-
Size
392KB
-
MD5
000f63f8a246ca43134d15df5e8a2d05
-
SHA1
31d9f267fdd7a1e75b416a7b05b8dc96018ba7ac
-
SHA256
c062c16cf3db63c9cdd5d24bd66404c7cb57339a77d98dcff105806fc7ad75af
-
SHA512
5de842679cc094a861810003b496f0676724b90d268bb4c897fd5d878660b8998d8954d96c47ac7df71e47f663638d2d44f7a6b38a1d4617fa65b5d8c7fdad75
-
SSDEEP
384:GidD9d6GAr+4JPr1MVa06K96gS0Av6icErLUj6IECKySMzEWaoH:/LO1NKTpnaXU6z5sEWao
Score10/10-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1