General
-
Target
00105e53d40533302d7021f63d954a9a_JaffaCakes118
-
Size
512KB
-
Sample
240619-xmxbxa1hjn
-
MD5
00105e53d40533302d7021f63d954a9a
-
SHA1
9a6def1fc9c7135aea74c616a930d832bc7fd0f8
-
SHA256
76a502b32874edf2adbb5cd77516566723a95e35ad8e396ef8e995036f91051b
-
SHA512
1bcd4515644297dc5802bc208f8fd1402e0eff3e99c7b75352aab90cc88766f947a876fca24aa92b5dc5bcd98d0c67a5e5c98fce96e98e33f76616017b991592
-
SSDEEP
384:JaPyZNjtU2mW4MLfyHJOy3ffj1AjaPlv1X/jl5/0Eb2UUzEIg6Ggy:oyZHT2h3D1Y+7l5/s/EIgHB
Static task
static1
Behavioral task
behavioral1
Sample
00105e53d40533302d7021f63d954a9a_JaffaCakes118.dll
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
00105e53d40533302d7021f63d954a9a_JaffaCakes118.dll
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
00105e53d40533302d7021f63d954a9a_JaffaCakes118
-
Size
512KB
-
MD5
00105e53d40533302d7021f63d954a9a
-
SHA1
9a6def1fc9c7135aea74c616a930d832bc7fd0f8
-
SHA256
76a502b32874edf2adbb5cd77516566723a95e35ad8e396ef8e995036f91051b
-
SHA512
1bcd4515644297dc5802bc208f8fd1402e0eff3e99c7b75352aab90cc88766f947a876fca24aa92b5dc5bcd98d0c67a5e5c98fce96e98e33f76616017b991592
-
SSDEEP
384:JaPyZNjtU2mW4MLfyHJOy3ffj1AjaPlv1X/jl5/0Eb2UUzEIg6Ggy:oyZHT2h3D1Y+7l5/s/EIgHB
Score10/10-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1