General
-
Target
187fd72b5b02dd786c293b775d5d5c72_JaffaCakes118
-
Size
23KB
-
Sample
240628-c7rxpszclk
-
MD5
187fd72b5b02dd786c293b775d5d5c72
-
SHA1
fa27d4e12684d5fbd82ad45c523a7bccb2144991
-
SHA256
c9bf6bad34084fb850ff95fa7fe7520b60c89b7ab344eb6069970fa5f363e9db
-
SHA512
afe5449b3bb84bc7dd82bd6cae5104a3a1deb77fcff8de77613138c468ab6365cf6084abd51d18aea1eb6d4797b9626a21d1bf40c2a4dc4845a3f3c47c60d719
-
SSDEEP
384:cPyZNjtU2mvgOny7voT2aTb1AiGM5ajnNkSEEaSDzEiYym6Pa:syZm673av15Gln+7S/EiYVOa
Malware Config
Targets
-
-
Target
187fd72b5b02dd786c293b775d5d5c72_JaffaCakes118
-
Size
23KB
-
MD5
187fd72b5b02dd786c293b775d5d5c72
-
SHA1
fa27d4e12684d5fbd82ad45c523a7bccb2144991
-
SHA256
c9bf6bad34084fb850ff95fa7fe7520b60c89b7ab344eb6069970fa5f363e9db
-
SHA512
afe5449b3bb84bc7dd82bd6cae5104a3a1deb77fcff8de77613138c468ab6365cf6084abd51d18aea1eb6d4797b9626a21d1bf40c2a4dc4845a3f3c47c60d719
-
SSDEEP
384:cPyZNjtU2mvgOny7voT2aTb1AiGM5ajnNkSEEaSDzEiYym6Pa:syZm673av15Gln+7S/EiYVOa
Score10/10-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1