General
Target: 001240e900af7824d4a9e6b8a811645d_JaffaCakes118
Size: 24KB
Sample: 240619-xn996axcnf
MD5: 001240e900af7824d4a9e6b8a811645d
SHA1: a265dfcc6b017ddcee9acc2855c6940c6aa02898
SHA256: e8b2e2d6a19fdb42b81d0f011e3d73c1e6509aa38cff3f8aa4d84539a4dbbe79
SHA512: 53de17d3357937c15f57213735245e9d3100ed62baadb1f55fe69b573482888192c9c14c00f50f00cbab698d1f443e678702c628be2260af560e5fb12c4463df
SSDEEP: 384:5idD9d6GAWaAxbo+GjZ8gg86isnX4+HlpiiWXjtfEGPzaT5RzxIAw0YMz5:weieTlsnX4+FZ6tDPM1xIAwQ
Static task: static1

Behavioral task: behavioral1
Sample: 001240e900af7824d4a9e6b8a811645d_JaffaCakes118.dll
Resource: win7-20240419-en

Behavioral task: behavioral2
Sample: 001240e900af7824d4a9e6b8a811645d_JaffaCakes118.dll
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 001240e900af7824d4a9e6b8a811645d_JaffaCakes118
Score: 10/10

Modifies firewall policy service

Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
  Create or Modify System Process: 1
    Windows Service: 1
  Event Triggered Execution: 1
    AppInit DLLs: 1
Privilege Escalation
  Create or Modify System Process: 1
    Windows Service: 1
  Event Triggered Execution: 1
    AppInit DLLs: 1