General
-
Target
acc0a3a6ff4aea72199706b42ddf3daf_JaffaCakes118
-
Size
20KB
-
Sample
240819-1w649ayald
-
MD5
acc0a3a6ff4aea72199706b42ddf3daf
-
SHA1
c60b99a86f6af620f94ae7ed154bfd232f015ab9
-
SHA256
bb79d7710022310cc84287c8185074fdb0f48550c4cd1a3164776251cdb5dd96
-
SHA512
42443f263480f0ba70e7381a305ef9a4c6d3895bab9efb940b69e84abe3631c40858282a547ec9686fbe4b7a1a2b9ace49921a79903d3f3e13d7133df33abecf
-
SSDEEP
384:jPyZNjtU2m2Wj4ygqHgyMK7mOzPl01D9wdjE1zXMfYjlrA:LyZi1gGgu7n+RwpOXMfKs
Malware Config
Targets
-
-
Target
acc0a3a6ff4aea72199706b42ddf3daf_JaffaCakes118
-
Size
20KB
-
MD5
acc0a3a6ff4aea72199706b42ddf3daf
-
SHA1
c60b99a86f6af620f94ae7ed154bfd232f015ab9
-
SHA256
bb79d7710022310cc84287c8185074fdb0f48550c4cd1a3164776251cdb5dd96
-
SHA512
42443f263480f0ba70e7381a305ef9a4c6d3895bab9efb940b69e84abe3631c40858282a547ec9686fbe4b7a1a2b9ace49921a79903d3f3e13d7133df33abecf
-
SSDEEP
384:jPyZNjtU2m2Wj4ygqHgyMK7mOzPl01D9wdjE1zXMfYjlrA:LyZi1gGgu7n+RwpOXMfKs
Score10/10-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1