General
-
Target
001600d46f11f2cc0133dc9f9c3deb3a_JaffaCakes118
-
Size
21KB
-
Sample
240619-xrbk1asapk
-
MD5
001600d46f11f2cc0133dc9f9c3deb3a
-
SHA1
c5bc818c990a653dc56de437bf84e38c1d0a07bd
-
SHA256
79eb00048ad2aad5ae6f0671b54631cac8f527695a406c2b2913881ac0ded8d4
-
SHA512
d765a008deed3465ef85562c624781e28fe0694baf24f7b9eaeaa33c6857fed6738b051e46be613facaf02aec7689435fae3500b43c97252a7720c3336e83cb2
-
SSDEEP
384:SqPyZNjtU2mC45T7Rsauw2zDL0nIhja6OGYYNtujvr3b1ezEFxWI5Q:SKyZDK9/ODk8NNcNOEFxi
Static task
static1
Behavioral task
behavioral1
Sample
001600d46f11f2cc0133dc9f9c3deb3a_JaffaCakes118.dll
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
001600d46f11f2cc0133dc9f9c3deb3a_JaffaCakes118.dll
Resource
win10v2004-20240611-en
Malware Config
Targets
-
Target
001600d46f11f2cc0133dc9f9c3deb3a_JaffaCakes118
Score
10/10
-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process 1
Windows Service 1
Event Triggered Execution 1
AppInit DLLs 1
Privilege Escalation
Create or Modify System Process 1
Windows Service 1
Event Triggered Execution 1
AppInit DLLs 1