General
-
Target
00784e8bf9c9421e4dbaf6ddf406eeb9_JaffaCakes118
-
Size
22KB
-
Sample
240619-zs4dhswbnj
-
MD5
00784e8bf9c9421e4dbaf6ddf406eeb9
-
SHA1
1325c1b883b74cca316dc80c3618f0d187d333e5
-
SHA256
9cbbd352a10d8efc7ddcef61e52c9b674de54d9da6a044d61eebf57c7556405a
-
SHA512
3c4486061afd1c0c321fb6c65b80f76ee08ca434a47d311b71048684718f33093faa8ac88de252bb01cb5048d65a435f56d5659e7f47f1ead5a4b92fc4f222fd
-
SSDEEP
384:yOr5NKZ2x5gMsnQW/NnxfAfb6Ig3ICPrjoiB/JE800z0Y7YYOLRA:pr59pqRAfmIjCPXoM/F0U0YTsA
Malware Config
Targets
-
-
Target
00784e8bf9c9421e4dbaf6ddf406eeb9_JaffaCakes118
-
Size
22KB
-
MD5
00784e8bf9c9421e4dbaf6ddf406eeb9
-
SHA1
1325c1b883b74cca316dc80c3618f0d187d333e5
-
SHA256
9cbbd352a10d8efc7ddcef61e52c9b674de54d9da6a044d61eebf57c7556405a
-
SHA512
3c4486061afd1c0c321fb6c65b80f76ee08ca434a47d311b71048684718f33093faa8ac88de252bb01cb5048d65a435f56d5659e7f47f1ead5a4b92fc4f222fd
-
SSDEEP
384:yOr5NKZ2x5gMsnQW/NnxfAfb6Ig3ICPrjoiB/JE800z0Y7YYOLRA:pr59pqRAfmIjCPXoM/F0U0YTsA
Score10/10-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1