General
Target: 5bc9f2d00ae9d4446cd46a916cef1846_JaffaCakes118
Size: 23KB
Sample: 240719-nss21asdrg
MD5: 5bc9f2d00ae9d4446cd46a916cef1846
SHA1: 7008faff4b15b9f18c55bcfd17cd7eef9033c3f9
SHA256: 0e76f9942271ba4e12f8574ceb24d836471e10e5407acb2d27937ba137128a12
SHA512: a855f3e06ef9f2af438a0635ce53a0ae06dd366bd1c3c7784a5a72e86fe6f9d68f2165f91200d3a752b1acd421833dd16f58e71305eae6da30615e430067b22e
SSDEEP: 384:lPyZNjtU2m2EQBziyYl6L1NbpsvamfhjdRhtE0KekNzXA4jnV5:dyZC6i3UXmim1dRhpKnBXA455
Static task: static1
Behavioral task: behavioral1
Sample: 5bc9f2d00ae9d4446cd46a916cef1846_JaffaCakes118.dll
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 5bc9f2d00ae9d4446cd46a916cef1846_JaffaCakes118.dll
Resource: win10v2004-20240709-en
Malware Config
Targets
Target: 5bc9f2d00ae9d4446cd46a916cef1846_JaffaCakes118
Score: 10/10

Modifies firewall policy service

Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

Drops file in System32 directory

MITRE ATT&CK Enterprise v15
Persistence
  Create or Modify System Process: 1
    Windows Service: 1
  Event Triggered Execution: 1
    AppInit DLLs: 1
Privilege Escalation
  Create or Modify System Process: 1
    Windows Service: 1
  Event Triggered Execution: 1
    AppInit DLLs: 1