General
-
Target
0012c5e547b0b09b1726fe201785e632_JaffaCakes118
-
Size
20KB
-
Sample
240619-xpkqws1hrj
-
MD5
0012c5e547b0b09b1726fe201785e632
-
SHA1
7c0d6616d7795537c7cc5e7376f0699b4eea1da7
-
SHA256
e6cbff6de16a59ad14f13c13c9ce0b0740c88ed0f071f2ce8f5fdb68e23cf881
-
SHA512
c0c669ae3b7c8a2b3c75bddc834f64ee89db5e5471afb6bd7f90e0f482fd4fed0ae9199d4f4dbfe5d8174c48449f69a0b3d20feeb8c1f789cd944b6eb67a666a
-
SSDEEP
384:rPyZNjtU2m/gxDwGpmEs1C1PNskqEjHbzEiqrRSEXH:zyZmKl5kC1V7XEiqrRS8H
Static task
static1
Behavioral task
behavioral1
Sample
0012c5e547b0b09b1726fe201785e632_JaffaCakes118.dll
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
0012c5e547b0b09b1726fe201785e632_JaffaCakes118.dll
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
0012c5e547b0b09b1726fe201785e632_JaffaCakes118
-
Score
10/10
-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
AppInit DLLs (1)
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
AppInit DLLs (1)