General
-
Target
001a022f53d2d6d0fb9167e44eaba4d0_JaffaCakes118
-
Size
23KB
-
Sample
240619-xtcabasbnn
-
MD5
001a022f53d2d6d0fb9167e44eaba4d0
-
SHA1
dddfb329e8069537f845c163b2404e0497b683ab
-
SHA256
fb689288635c23149ede7ded024c1142c73cd9cde506fc4f967454bea9ccbc07
-
SHA512
d3c048ffc6c145407daecba0caec0cbd6fb5c5df8232b415a082ab57b26bd1e2cd53220f420d118105dc191574d5cf27d49a7fde2a5770df314b460f155473dd
-
SSDEEP
384:gidD9d6GAKuQBrQts5wFWdT4O9jRS7BoEdnZkSzEN8wtq9f2JWh:VWyYZW2OJc7B/nJENHk9fD
Malware Config
Targets
-
-
Target
001a022f53d2d6d0fb9167e44eaba4d0_JaffaCakes118
-
Size
23KB
-
MD5
001a022f53d2d6d0fb9167e44eaba4d0
-
SHA1
dddfb329e8069537f845c163b2404e0497b683ab
-
SHA256
fb689288635c23149ede7ded024c1142c73cd9cde506fc4f967454bea9ccbc07
-
SHA512
d3c048ffc6c145407daecba0caec0cbd6fb5c5df8232b415a082ab57b26bd1e2cd53220f420d118105dc191574d5cf27d49a7fde2a5770df314b460f155473dd
-
SSDEEP
384:gidD9d6GAKuQBrQts5wFWdT4O9jRS7BoEdnZkSzEN8wtq9f2JWh:VWyYZW2OJc7B/nJENHk9fD
Score10/10-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1