General
-
Target
01aa728fb566dc1afeba4b3dda0a281a_JaffaCakes118
-
Size
22KB
-
Sample
240620-bn6q3s1bjb
-
MD5
01aa728fb566dc1afeba4b3dda0a281a
-
SHA1
7ff6aa061847241c1949881cfa1c70660c28eebc
-
SHA256
c635fdf181dde8880598503ffbf6b74cb9c85a53de8844653a00d8cb26df888b
-
SHA512
aad77da252a0d01feddc37fb65e083bd80249a5f9bbb713f196d4ff9fdca62d883861e0262f4181d8a789b5b43f3b99db2c705ae09d61c7dc6694538752c9152
-
SSDEEP
384:dPyZNjtU2mq4cvLHUAUG08KMWTBAcDWDVjnUIzEWAw8xy:1yZrBy8KzTBcbEWAwd
Static task
static1
Behavioral task
behavioral1
Sample
01aa728fb566dc1afeba4b3dda0a281a_JaffaCakes118.dll
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
01aa728fb566dc1afeba4b3dda0a281a_JaffaCakes118.dll
Resource
win10v2004-20240611-en
Malware Config
Targets
Target
01aa728fb566dc1afeba4b3dda0a281a_JaffaCakes118
-
Score
10/10
-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
AppInit DLLs (1)
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
AppInit DLLs (1)