General
-
Target
01a02a53fbe9e7664604415bc7884f9b_JaffaCakes118
-
Size
23KB
-
Sample
240620-bh6twszgpa
-
MD5
01a02a53fbe9e7664604415bc7884f9b
-
SHA1
8eea2cbf56237f483d01e90a40b39439f7204fc9
-
SHA256
cfd250c8ba9f1bd5578c79d8314d75be9c0e1413fed246458a2c15d77f19696f
-
SHA512
e41871b8e40c028e5f927218ebc17ab8d8df1f870a2ff71ce04de15b221b7d15e05c45c43f06cdbd1fc4bc283a7249cb874e85d85a81bced52a25b3ed3e23bb4
-
SSDEEP
384:5PyZNjtU2mzQBz222KIWpHoqIjRfYPXE01fC4zEiwUiOtTOHDa:RyZ66Jd5oZxYP31fCYEiw41Om
Malware Config
Targets
-
-
Target
01a02a53fbe9e7664604415bc7884f9b_JaffaCakes118
-
Size
23KB
-
MD5
01a02a53fbe9e7664604415bc7884f9b
-
SHA1
8eea2cbf56237f483d01e90a40b39439f7204fc9
-
SHA256
cfd250c8ba9f1bd5578c79d8314d75be9c0e1413fed246458a2c15d77f19696f
-
SHA512
e41871b8e40c028e5f927218ebc17ab8d8df1f870a2ff71ce04de15b221b7d15e05c45c43f06cdbd1fc4bc283a7249cb874e85d85a81bced52a25b3ed3e23bb4
-
SSDEEP
384:5PyZNjtU2mzQBz222KIWpHoqIjRfYPXE01fC4zEiwUiOtTOHDa:RyZ66Jd5oZxYP31fCYEiw41Om
Score10/10-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1