General
-
Target
0013f881c3d314fc16c3b5bf8ab3a60c_JaffaCakes118
-
Size
23KB
-
Sample
240619-xqabjsxdlc
-
MD5
0013f881c3d314fc16c3b5bf8ab3a60c
-
SHA1
65d9fae598b3ac286e8551e400635477ebf82ab6
-
SHA256
a48763346f3b202beace9b47a9a95d7c83159899c709604e140ded23beca47be
-
SHA512
8e9ffae87b7251757b4e6e12aee29800250b0198c54150b55132b0408431b8a483dfc9d206dc264baaba97b701dfdf4ebf4ac14762db55f6c4f8c8dc1f4ff73b
-
SSDEEP
384:TidD9d6GAm2QBzXoi+V+Ma3LfU24Gv3jr5Jw2E9zEiuu4nrt9m:GK6nJj3LZLrjwREiuuCt9m
Static task
static1
Behavioral task
behavioral1
Sample
0013f881c3d314fc16c3b5bf8ab3a60c_JaffaCakes118.dll
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
0013f881c3d314fc16c3b5bf8ab3a60c_JaffaCakes118.dll
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
0013f881c3d314fc16c3b5bf8ab3a60c_JaffaCakes118
-
Size
23KB
-
MD5
0013f881c3d314fc16c3b5bf8ab3a60c
-
SHA1
65d9fae598b3ac286e8551e400635477ebf82ab6
-
SHA256
a48763346f3b202beace9b47a9a95d7c83159899c709604e140ded23beca47be
-
SHA512
8e9ffae87b7251757b4e6e12aee29800250b0198c54150b55132b0408431b8a483dfc9d206dc264baaba97b701dfdf4ebf4ac14762db55f6c4f8c8dc1f4ff73b
-
SSDEEP
384:TidD9d6GAm2QBzXoi+V+Ma3LfU24Gv3jr5Jw2E9zEiuu4nrt9m:GK6nJj3LZLrjwREiuuCt9m
Score10/10-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1