General
-
Target
0014b2b28526b06b834b1358f685bfe4_JaffaCakes118
-
Size
515KB
-
Sample
240619-xqqnjaxdmg
-
MD5
0014b2b28526b06b834b1358f685bfe4
-
SHA1
471ee6625f52bf0a01c29c10bfc664ff1b86a0c5
-
SHA256
55330baa5e0c5389dc4755e3144067a63fa9ceed543bb30357400cb5ff31f99c
-
SHA512
0850655c1dab7cc24c7f6bbb13974fa8f32a21575d929369cb817a7a35682a99f4b24f495eb7b036bac6c686f62f248b9efb90694e391ef0bd78c6958564a8a7
-
SSDEEP
384:PdD9d6G4KwTrzMdusiBdCcK7anY3tAEjR+E8ZzXtr1o0B:PrkXMdKdCcQ3mkR6XtZo2
Static task
static1
Behavioral task
behavioral1
Sample
0014b2b28526b06b834b1358f685bfe4_JaffaCakes118.dll
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
0014b2b28526b06b834b1358f685bfe4_JaffaCakes118.dll
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
0014b2b28526b06b834b1358f685bfe4_JaffaCakes118
-
Size
515KB
-
MD5
0014b2b28526b06b834b1358f685bfe4
-
SHA1
471ee6625f52bf0a01c29c10bfc664ff1b86a0c5
-
SHA256
55330baa5e0c5389dc4755e3144067a63fa9ceed543bb30357400cb5ff31f99c
-
SHA512
0850655c1dab7cc24c7f6bbb13974fa8f32a21575d929369cb817a7a35682a99f4b24f495eb7b036bac6c686f62f248b9efb90694e391ef0bd78c6958564a8a7
-
SSDEEP
384:PdD9d6G4KwTrzMdusiBdCcK7anY3tAEjR+E8ZzXtr1o0B:PrkXMdKdCcQ3mkR6XtZo2
Score10/10-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1