General
-
Target
001252f3420ba6fbccc52dced16c6b7c_JaffaCakes118
-
Size
25KB
-
Sample
240619-xpbszsxcnh
-
MD5
001252f3420ba6fbccc52dced16c6b7c
-
SHA1
6d840d0e9507588e34a26eb3bb73b8fd2f1503a9
-
SHA256
ec11eaa530b065d39cd2c0150860b290ead9f71da820726b647e558481c0cf47
-
SHA512
165ae75d685e4317d62f85ffd70f488e6fbbfe7397b41714240141581df11b923ba108565d59d1b6f029933bec4ce235130dfc7fdb4b38f95bdda957eea436a6
-
SSDEEP
384:9dD9d6G43iQQrEouVlyvK8su4Q45VFsCXa5qjJ3EmpN4z61r6yT7JpQN:9DLSyvFH4Vu5qJLa61GyT8
Static task
static1
Behavioral task
behavioral1
Sample
001252f3420ba6fbccc52dced16c6b7c_JaffaCakes118.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
001252f3420ba6fbccc52dced16c6b7c_JaffaCakes118.dll
Resource
win10v2004-20240226-en
Malware Config
Targets
Target
001252f3420ba6fbccc52dced16c6b7c_JaffaCakes118
Score
10/10
-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
AppInit DLLs (1)
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
AppInit DLLs (1)