General

  • Target

    000dc2db2722375fd7446c143fc4ffb7_JaffaCakes118

  • Size

    512KB

  • Sample

    240619-xk6gss1gll

  • MD5

    000dc2db2722375fd7446c143fc4ffb7

  • SHA1

    9a2583662de852a5180af2a663544142382f8c2b

  • SHA256

    6c6fff2cd1e6e1d9ee3ffbb508ebd2f1d74e6e4b18ca323455eb341878521163

  • SHA512

    18427ce5a5ab9f79e5ee2ce847b9ff8a6e77b3cd8990746762f176482bb6b9b3428fd4a162d8a2a6961f1e819c50179ecbed96725fbf67dcee043e62b445464d

  • SSDEEP

    384:gUOr5NKZ2VUI1KmPKDT4MywmtbdYSgnKEt11jVPFYIEZc4z0rOYYONKz:Ur5sWK0JdanhPVPFYIY0rIX

Malware Config

Targets

    • Modifies firewall policy service

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks