General
-
Target
0012df165ed7738f989d854d11cd86c7_JaffaCakes118
-
Size
23KB
-
Sample
240619-xpngsaxcqc
-
MD5
0012df165ed7738f989d854d11cd86c7
-
SHA1
a6ed5c9db3adf019832bc932c663f92428db5858
-
SHA256
bb6cbe552a2732654f20efc80f2f6080d127f5d847a73b41965e10fe49ce2282
-
SHA512
1cff9ef36032e1f2cbc059e6802957fc06b3b102abc2c86a4aa1f3af8cf5d56cdce32a0a25460374be4df685c171c19cb3a1ed5904d65a419b10f81cfec0d06c
-
SSDEEP
384:tidD9d6GArO45TlZcfkZmQt6aOJWj1o3asE9AzotW3RwB6:srK30ceJGuKTAotWBf
Static task
static1
Behavioral task
behavioral1
Sample
0012df165ed7738f989d854d11cd86c7_JaffaCakes118.dll
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
0012df165ed7738f989d854d11cd86c7_JaffaCakes118.dll
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
0012df165ed7738f989d854d11cd86c7_JaffaCakes118
Score
10/10
-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
AppInit DLLs (1)
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
AppInit DLLs (1)