General

  • Target

    0007df2551792f4e2cf7fecac141a858_JaffaCakes118

  • Size

    23KB

  • Sample

    240619-xfwf2awhjh

  • MD5

    0007df2551792f4e2cf7fecac141a858

  • SHA1

    1002baabba2508cf48df3f16acdc461deb7f3c5b

  • SHA256

    9aef208d1c1ec84cfc4819c3d1a6ba9361c9643d39bc56c5850c8ec822e71395

  • SHA512

    0c7229ccf237240d79c90d57b589ecb7e40cf0778c953173f77a17fcfff91c00891eea0ed34c8518b7dab42dd8c98982dadc8c5eea9ebc3073ceb13e4b1bf81d

  • SSDEEP

    384:VidD9d6GArG45TH/t52oTtZaeFMMjMfOlEZx1zEFpYHmSX:UDKaoZdFVM2o3EFpYHmK

Targets

    • Target

      0007df2551792f4e2cf7fecac141a858_JaffaCakes118

    • Modifies firewall policy service

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
