General
-
Target
007709ba1b5a683319157ce8e492781c_JaffaCakes118
-
Size
83KB
-
Sample
240619-zrl3va1epe
-
MD5
007709ba1b5a683319157ce8e492781c
-
SHA1
bc44500ee3b71c6c2f4687b7ffe0f2000fbadb4c
-
SHA256
9577137687570a7a1f749f011a6e747cde2e001905d57c8922f20bcba52d2830
-
SHA512
3fc2eeb45de28a2568b3ba661551b659557393cd59bbe7aa14ebae8c2a217ecf74a35c16d65a858f0ff94aa2cd518133cf0e9ee17fdba2231aad35ae5f1e278c
-
SSDEEP
384:DidD9d6GAPvgkfb3yHiPTGT0oEb1Av4T4GfuAtjBQ3jCBBEguozXtVjw:2ODfu90f1ffUCBjXtVj
Malware Config
Targets
-
-
Target
007709ba1b5a683319157ce8e492781c_JaffaCakes118
-
Size
83KB
-
MD5
007709ba1b5a683319157ce8e492781c
-
SHA1
bc44500ee3b71c6c2f4687b7ffe0f2000fbadb4c
-
SHA256
9577137687570a7a1f749f011a6e747cde2e001905d57c8922f20bcba52d2830
-
SHA512
3fc2eeb45de28a2568b3ba661551b659557393cd59bbe7aa14ebae8c2a217ecf74a35c16d65a858f0ff94aa2cd518133cf0e9ee17fdba2231aad35ae5f1e278c
-
SSDEEP
384:DidD9d6GAPvgkfb3yHiPTGT0oEb1Av4T4GfuAtjBQ3jCBBEguozXtVjw:2ODfu90f1ffUCBjXtVj
Score10/10-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1