General
-
Target
001cc20e99f727d71334334260f23ec1_JaffaCakes118
-
Size
516KB
-
Sample
240619-xv2xcsxflf
-
MD5
001cc20e99f727d71334334260f23ec1
-
SHA1
5f440fcb83b50fa1e2aa823444a4e3d60528f6bd
-
SHA256
464260bb87114ee99e473cae1b65586d829ac00693d936ff83548e1a7be635f7
-
SHA512
b7a98feeb7579a984c8ea500071540ac8661984d7f62ce2d243d9c10669dc270dff770252d6cca2cf9884790cea5bb96fec8b5add364f52844a353f654d74bd1
-
SSDEEP
384:TdD9d6G4HegkfkfD1U0eaFQMWQQNa9l6uYEiTQvKdCzaCVA/IJ6MjNPYQEyT3dVy:TPDf21kwqQvPLVRHNQidSMXaVBh
Malware Config
Targets
-
-
Target
001cc20e99f727d71334334260f23ec1_JaffaCakes118
-
Size
516KB
-
MD5
001cc20e99f727d71334334260f23ec1
-
SHA1
5f440fcb83b50fa1e2aa823444a4e3d60528f6bd
-
SHA256
464260bb87114ee99e473cae1b65586d829ac00693d936ff83548e1a7be635f7
-
SHA512
b7a98feeb7579a984c8ea500071540ac8661984d7f62ce2d243d9c10669dc270dff770252d6cca2cf9884790cea5bb96fec8b5add364f52844a353f654d74bd1
-
SSDEEP
384:TdD9d6G4HegkfkfD1U0eaFQMWQQNa9l6uYEiTQvKdCzaCVA/IJ6MjNPYQEyT3dVy:TPDf21kwqQvPLVRHNQidSMXaVBh
Score10/10-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1