General

  • Target

    000d784e75c548af7e23d9e954f3ea52_JaffaCakes118

  • Size

    512KB

  • Sample

    240619-xk173sxbjc

  • MD5

    000d784e75c548af7e23d9e954f3ea52

  • SHA1

    873e9c80b01945551a75d4dc81a9ae293fe9f83a

  • SHA256

    adf6e7b503d949a8d60c9109a1d655ed83c2180eca7060708a4d89a08b82aabb

  • SHA512

    db897df7d786120f3b8408db68b2f8975228a5f5bb1d5ac919c248f23cf9f2c4cfb53ab84d65b09757ea21ba57af575fa92f107f48e06ebeb668064555e98861

  • SSDEEP

    384:5yVlNjtU2e6VYOtfk9y5wS6BoIPTFsxl1rY/N2jfbGrYEj7Wo2VTTzE7bWg2E:MVlDty4wHBD6ZY/szGr7svE7bh

Malware Config

Targets

    • Modifies firewall policy service

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks