General
-
Target
001288bb20eb2ec49609356da774352d_JaffaCakes118
-
Size
23KB
-
Sample
240619-xpejwaxcpc
-
MD5
001288bb20eb2ec49609356da774352d
-
SHA1
64caaa65501ebc538afefcc37f83104b8629894f
-
SHA256
8df17b59916d9b1b3dcc5606062c588fc95ec978feacb9bcf78bc30568f9a393
-
SHA512
6c1470030c806bb6f9b9d55a818dad91b6dbc45e2c86d34b3563964ae678cb461cb4b0ab66a83bcdbe087ccc50dab612fde7bcaefaaf7574d4fcdb994c24db32
-
SSDEEP
384:aPyZNjtU2mC45z+qbJdVOKmwVCjqDEoefZjuMzET8R5Hc:ayZDK93V/VSqFOjTET258
Static task
static1
Behavioral task
behavioral1
Sample
001288bb20eb2ec49609356da774352d_JaffaCakes118.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
001288bb20eb2ec49609356da774352d_JaffaCakes118.dll
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
001288bb20eb2ec49609356da774352d_JaffaCakes118
-
Size
23KB
-
MD5
001288bb20eb2ec49609356da774352d
-
SHA1
64caaa65501ebc538afefcc37f83104b8629894f
-
SHA256
8df17b59916d9b1b3dcc5606062c588fc95ec978feacb9bcf78bc30568f9a393
-
SHA512
6c1470030c806bb6f9b9d55a818dad91b6dbc45e2c86d34b3563964ae678cb461cb4b0ab66a83bcdbe087ccc50dab612fde7bcaefaaf7574d4fcdb994c24db32
-
SSDEEP
384:aPyZNjtU2mC45z+qbJdVOKmwVCjqDEoefZjuMzET8R5Hc:ayZDK93V/VSqFOjTET258
Score10/10-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1