General

  • Target

    000de1b6375f59abc659ef6a779e5a12_JaffaCakes118

  • Size

    21KB

  • Sample

    240619-xk88paxbkc

  • MD5

    000de1b6375f59abc659ef6a779e5a12

  • SHA1

    9b7f63ca81118b2d2d9b691a212158d7d2b4dce7

  • SHA256

    28fea6abb5c54c3340a330f2d8e77a0ca346cd5cd8b8ff0ac1cd216018ee13ef

  • SHA512

    6e5a9f0a228e74ddef54017526807206c02ce38a3fbfa337d5983c5bc90008f261255fbe08fc8efc1d8a70cc450072c9acafb6b0fe38b73f0b85dfa2ce12b2ad

  • SSDEEP

    384:VlyVlNjtU2eKlIG7vnW+liYMUMhEP+DIJ8/6i6zEZEi4+:VYVljBvrliKJJ8/P6EZEiZ

Targets

    • Target

      000de1b6375f59abc659ef6a779e5a12_JaffaCakes118

    • Modifies firewall policy service

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory
