General
-
Target
3ea17768bf6ede2bfb862e1ce31f1e7b_JaffaCakes118
-
Size
23KB
-
Sample
241013-jljsjazelq
-
MD5
3ea17768bf6ede2bfb862e1ce31f1e7b
-
SHA1
75e35267d39c80afed62a6d79645ffe60cda9b59
-
SHA256
a19716a2223a6df773ebb440b781d10ae25260b574715b2be37acae2839777f6
-
SHA512
6785c7ab692574087ce0feb4a1d1bf0c7268c86dd03f6d86f88195d9f384c9344e8fe16d7845a673633aa40ee9b1250a826cda03dec2a97d509d90c1e36f570f
-
SSDEEP
384:YPyZNjtU2mC45TiKNfRSQtzs9avZ1uwjP19EO0dTG1zEFMC1Il:IyZDKBrScw0Z1uAP1sdTGpEFMCO
Malware Config
Targets
-
-
Target
3ea17768bf6ede2bfb862e1ce31f1e7b_JaffaCakes118
-
Size
23KB
-
MD5
3ea17768bf6ede2bfb862e1ce31f1e7b
-
SHA1
75e35267d39c80afed62a6d79645ffe60cda9b59
-
SHA256
a19716a2223a6df773ebb440b781d10ae25260b574715b2be37acae2839777f6
-
SHA512
6785c7ab692574087ce0feb4a1d1bf0c7268c86dd03f6d86f88195d9f384c9344e8fe16d7845a673633aa40ee9b1250a826cda03dec2a97d509d90c1e36f570f
-
SSDEEP
384:YPyZNjtU2mC45TiKNfRSQtzs9avZ1uwjP19EO0dTG1zEFMC1Il:IyZDKBrScw0Z1uAP1sdTGpEFMCO
Score10/10-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1