General
-
Target
0013f432b024e4eafc2ff1eabefa0a13_JaffaCakes118
-
Size
22KB
-
Sample
240619-xp9p1sxdkh
-
MD5
0013f432b024e4eafc2ff1eabefa0a13
-
SHA1
8b749d5ee05f0589754f8588ef07a8908d9d27b3
-
SHA256
12920a9d293a25236f5ea8f6ee517d7f264f176d07576282f1d3bacfc2c23fb8
-
SHA512
61549f6a00e93e14fc4f92ef457d14672ba0e23ab11d9caa8258d078e1096248fd414388844c37b3758cfc158167ba130445702d059b03208679bbc94d27c54c
-
SSDEEP
384:vPyZNjtU2mPgALpGhWKxl61oMojjZQddhzxZeeCn3N:3yZWrpDKmotSddlxZetd
Static task
static1
Behavioral task
behavioral1
Sample
0013f432b024e4eafc2ff1eabefa0a13_JaffaCakes118.dll
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
0013f432b024e4eafc2ff1eabefa0a13_JaffaCakes118.dll
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
0013f432b024e4eafc2ff1eabefa0a13_JaffaCakes118
-
Size
22KB
-
MD5
0013f432b024e4eafc2ff1eabefa0a13
-
SHA1
8b749d5ee05f0589754f8588ef07a8908d9d27b3
-
SHA256
12920a9d293a25236f5ea8f6ee517d7f264f176d07576282f1d3bacfc2c23fb8
-
SHA512
61549f6a00e93e14fc4f92ef457d14672ba0e23ab11d9caa8258d078e1096248fd414388844c37b3758cfc158167ba130445702d059b03208679bbc94d27c54c
-
SSDEEP
384:vPyZNjtU2mPgALpGhWKxl61oMojjZQddhzxZeeCn3N:3yZWrpDKmotSddlxZetd
Score10/10-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1