General
-
Target
00144f9436fdd2b4173cca79461831df_JaffaCakes118
-
Size
24KB
-
Sample
240619-xqh9fssakp
-
MD5
00144f9436fdd2b4173cca79461831df
-
SHA1
7e17265df3f83dd9c760e658dff0f3786738f977
-
SHA256
96716021a43130c4eb40283d86fcea4704ecd73dec8a36a1063197f6970658f9
-
SHA512
6c9975aa3975161d94d5b109e9203fff2b5c4a99e6e601808d790d683e4061c0c9bc342b0c6271d75456b427eda187449e395aba1c189a5081bba432726e5654
-
SSDEEP
384:pdD9d6G4f/r1KeYS4oxgWZqVjgG2GCafj64BEHuazwIErIuCv:pKGkwVjgG2G64LawIEHO
Static task
static1
Behavioral task
behavioral1
Sample
00144f9436fdd2b4173cca79461831df_JaffaCakes118.dll
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
00144f9436fdd2b4173cca79461831df_JaffaCakes118.dll
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Target
00144f9436fdd2b4173cca79461831df_JaffaCakes118
Score
10/10
-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
AppInit DLLs: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
AppInit DLLs: 1