General
-
Target
0056cf820a1a4d5462962a030b5aee55_JaffaCakes118
-
Size
20KB
-
Sample
240619-y743xsvbql
-
MD5
0056cf820a1a4d5462962a030b5aee55
-
SHA1
8d12203f2819ed5d9cb4dd7c182a18d95e1bd133
-
SHA256
b2e2841a4140afc841c02453b351b2251ca491b66bc5d7ac1c4e377e8d42fb11
-
SHA512
8132392ba53ec7f9d211d8d255956eaaaaaa1b1f15d0fb398d479f3e1cc607213ede369ef9d2207250f30848c6ea0559bc69fc07f0e24c82b2163c8caaaf5f98
-
SSDEEP
384:VaPyZNjtU2mvgOnyM7gMKejQvcA14OjJFUHk0H5zEicznp2MU:VayZm6M75cvcEoJEic7pxU
Malware Config
Targets
-
-
Target
0056cf820a1a4d5462962a030b5aee55_JaffaCakes118
-
Size
20KB
-
MD5
0056cf820a1a4d5462962a030b5aee55
-
SHA1
8d12203f2819ed5d9cb4dd7c182a18d95e1bd133
-
SHA256
b2e2841a4140afc841c02453b351b2251ca491b66bc5d7ac1c4e377e8d42fb11
-
SHA512
8132392ba53ec7f9d211d8d255956eaaaaaa1b1f15d0fb398d479f3e1cc607213ede369ef9d2207250f30848c6ea0559bc69fc07f0e24c82b2163c8caaaf5f98
-
SSDEEP
384:VaPyZNjtU2mvgOnyM7gMKejQvcA14OjJFUHk0H5zEicznp2MU:VayZm6M75cvcEoJEic7pxU
Score10/10-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1