General

  • Target

    000973f40e82167b43cd78c6675b58dc_JaffaCakes118

  • Size

    23KB

  • Sample

    240619-xhe7tswhqf

  • MD5

    000973f40e82167b43cd78c6675b58dc

  • SHA1

    81f61a15556e9e29478ab379820406ea33c3753c

  • SHA256

    04e3b3032c6c828930c00703f328cbe4adb4d80bcf3f6d2bcd574cd9e62b61d9

  • SHA512

    42b56f56b29c3e89379e6e233ab860b9b37bb66ddd90bd8f1432a7f218a1ceb81f456bb7a6a9129a9d851634cd0cbb3d18f147804c60dcdd08fae7c0f91238a6

  • SSDEEP

    384:7PyZNjtU2mC45TW9+lGdtmq0Dj2OmcMa3EklUzEFqzt66:jyZDKrsTMcLazl0EFqztf

Malware Config

Targets

    • Target

      000973f40e82167b43cd78c6675b58dc_JaffaCakes118

    • Modifies firewall policy service

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks