General
-
Target
00123508b87edee35927ee3e791d7441_JaffaCakes118
-
Size
21KB
-
Sample
240619-xn9nma1hpl
-
MD5
00123508b87edee35927ee3e791d7441
-
SHA1
c6786d3e9e604008ca50393d8ef9a87df6cdfce3
-
SHA256
223f0c274c7e825bbbc6952d97112e38b539afd11a8855792927638c83b2ce7c
-
SHA512
e18c71c73886097f358bedb7c97e2ef5ec96a945046edd2c40aa74d9fe50e62a6091baacd29a14c9b85aad84a122a687c2c9268c86955d4c408dd83e1b4cd549
-
SSDEEP
384:OPyZNjtU2mS5oJj0deRrOYUQOYIT6+LIrsrN3Sjepof+zX6XuU:uyZ/pjY8YQ6YIrsJS/fuX6Xp
Static task
static1
Behavioral task
behavioral1
Sample
00123508b87edee35927ee3e791d7441_JaffaCakes118.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
00123508b87edee35927ee3e791d7441_JaffaCakes118.dll
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
00123508b87edee35927ee3e791d7441_JaffaCakes118
-
Size
21KB
-
MD5
00123508b87edee35927ee3e791d7441
-
SHA1
c6786d3e9e604008ca50393d8ef9a87df6cdfce3
-
SHA256
223f0c274c7e825bbbc6952d97112e38b539afd11a8855792927638c83b2ce7c
-
SHA512
e18c71c73886097f358bedb7c97e2ef5ec96a945046edd2c40aa74d9fe50e62a6091baacd29a14c9b85aad84a122a687c2c9268c86955d4c408dd83e1b4cd549
-
SSDEEP
384:OPyZNjtU2mS5oJj0deRrOYUQOYIT6+LIrsrN3Sjepof+zX6XuU:uyZ/pjY8YQ6YIrsJS/fuX6Xp
Score10/10-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1