General
-
Target
0014300c72be786268c166354bbfb4ca_JaffaCakes118
-
Size
516KB
-
Sample
240619-xqcfxasakk
-
MD5
0014300c72be786268c166354bbfb4ca
-
SHA1
e5ef382f9d89c0e074a49830d655ff7be2d007ac
-
SHA256
f49885b237fa17af0bdf0df7ce6e10eda96abb5a38ec1d828c4725f845e5cb7d
-
SHA512
6f97f36763c8a577948ea508540e3a290fa76198e1b22d07e16722cc307520a0253aef7a42edfba1804546b9cce6935549067c57832faa14e63d3780fba2c87f
-
SSDEEP
768:DG6kd2PdChgLdDXCfW5Bq+omIweuUwVuC:8OdrL8fa8pwVP
Static task
static1
Behavioral task
behavioral1
Sample
0014300c72be786268c166354bbfb4ca_JaffaCakes118.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
0014300c72be786268c166354bbfb4ca_JaffaCakes118.dll
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
0014300c72be786268c166354bbfb4ca_JaffaCakes118
-
Size
516KB
-
MD5
0014300c72be786268c166354bbfb4ca
-
SHA1
e5ef382f9d89c0e074a49830d655ff7be2d007ac
-
SHA256
f49885b237fa17af0bdf0df7ce6e10eda96abb5a38ec1d828c4725f845e5cb7d
-
SHA512
6f97f36763c8a577948ea508540e3a290fa76198e1b22d07e16722cc307520a0253aef7a42edfba1804546b9cce6935549067c57832faa14e63d3780fba2c87f
-
SSDEEP
768:DG6kd2PdChgLdDXCfW5Bq+omIweuUwVuC:8OdrL8fa8pwVP
Score10/10-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1