General
-
Target
0014da591597b307fb99c7308a8d7da0_JaffaCakes118
-
Size
25KB
-
Sample
240619-xqtp7asamk
-
MD5
0014da591597b307fb99c7308a8d7da0
-
SHA1
28a21272464cda828dafcf52990df7d93d08843c
-
SHA256
54a2bdcfd8217a19d2b1b44172681118bfe1f47056a22596188d863cb1b4382a
-
SHA512
b2c85a90994de7d80892a2e238e68c418fe1befa73d349d04fbad3aa0f5cb273acf5e50420683ade2e48b82412e2877aecc87ae9d8541f58dcd9b934ee7cc17b
-
SSDEEP
384:ALXTfb7njvr3zGudD9d6GaTfbnh8HDPLXXTfbnjvrYz/7HDPLXTfbnjvr3z/Surt:ADd5lAxa+A1VVnH2UiF/Pk9W
Static task
static1
Behavioral task
behavioral1
Sample
0014da591597b307fb99c7308a8d7da0_JaffaCakes118.dll
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
0014da591597b307fb99c7308a8d7da0_JaffaCakes118.dll
Resource
win10v2004-20240611-en
Malware Config
Targets
Target
0014da591597b307fb99c7308a8d7da0_JaffaCakes118
Score
10/10
-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
  Create or Modify System Process: 1
    Windows Service: 1
  Event Triggered Execution: 1
    AppInit DLLs: 1
Privilege Escalation
  Create or Modify System Process: 1
    Windows Service: 1
  Event Triggered Execution: 1
    AppInit DLLs: 1