General
-
Target
00139a122194926e51adc54b68523656_JaffaCakes118
-
Size
524KB
-
Sample
240619-xp4trsxdkc
-
MD5
00139a122194926e51adc54b68523656
-
SHA1
b87c4017e1b1a858f9f096cb672eb3341d7df40d
-
SHA256
e9a39ba49aa91f50c076287856e2fd7b67d89e4bd2076e7c1c21a9130f6a6de6
-
SHA512
7282228ce589e6a0e3c494a394d7510aa03a64a6c08378479c8eea9266695b63c2afe1ded4213062d15efb9b25686eb50d03f4d90d530d0c36a1f6baa8a3955f
-
SSDEEP
384:uGdaFciz4Wb3HXLdW1pitCexvpGWKBqvlaNE+FSzVUzRDhAYYO7vX20sLa/kK0kE:uG097bQACXWm6lajRD46O0sBK0oyW9Le
Static task
static1
Behavioral task
behavioral1
Sample
00139a122194926e51adc54b68523656_JaffaCakes118.dll
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
00139a122194926e51adc54b68523656_JaffaCakes118.dll
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
00139a122194926e51adc54b68523656_JaffaCakes118
-
Score
10/10
-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
AppInit DLLs: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
AppInit DLLs: 1