General
-
Target
00162441c854016cdd004c74c1050026_JaffaCakes118
-
Size
514KB
-
Sample
240619-xrc4tsxdqa
-
MD5
00162441c854016cdd004c74c1050026
-
SHA1
08f2c3254a391657488ad07b53462923470a24cd
-
SHA256
18defa4bfaa2c747fce8ef441786d363a7eea6bcba644c1de8519622b8fa3c33
-
SHA512
2a65eb254b65e29e04377b554a70f4a2a41a7f77247d8c0fa14925e0f9b2330e5424cf0563882fb3bc9a35be022206965d5f6a3eb2ada786c7d0a3448538e73b
-
SSDEEP
384:8idD9d6GAvmAECb16mG7nPKyQvF0743hMb1sjDpHEpnMnzXeoXWQgbi:pXD+16k9074xhDjzXeo2i
Malware Config
Targets
-
-
Target
00162441c854016cdd004c74c1050026_JaffaCakes118
-
Size
514KB
-
MD5
00162441c854016cdd004c74c1050026
-
SHA1
08f2c3254a391657488ad07b53462923470a24cd
-
SHA256
18defa4bfaa2c747fce8ef441786d363a7eea6bcba644c1de8519622b8fa3c33
-
SHA512
2a65eb254b65e29e04377b554a70f4a2a41a7f77247d8c0fa14925e0f9b2330e5424cf0563882fb3bc9a35be022206965d5f6a3eb2ada786c7d0a3448538e73b
-
SSDEEP
384:8idD9d6GAvmAECb16mG7nPKyQvF0743hMb1sjDpHEpnMnzXeoXWQgbi:pXD+16k9074xhDjzXeo2i
Score10/10-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1