General

  • Target

    000c81aae87184a9e64fe733f10acd45_JaffaCakes118

  • Size

    25KB

  • Sample

    240619-xkbbnaxaph

  • MD5

    000c81aae87184a9e64fe733f10acd45

  • SHA1

    5a6c2ff2bb3723585819d924e496eacb8b15629b

  • SHA256

    053294ba88f21e14a2a4ebd9caa43175a0613803f87b75cd233ddfa95f97eaaa

  • SHA512

    b23299390127ed402bd7faeba14a46ed79a34f97a6f5126cc055ac4467f814cae9c149c3830f88977d142dfb2faa4923a2777707dcf8b0f20e782fc437ce263b

  • SSDEEP

    384:skidD9d6GA7qoJiSemjSVHG3djztEBlD1jA8rDXEecO/v0N3zxI9MOMqL:sxfKe+Om6lFA8FcOGxI9pMa

Targets

    • Modifies firewall policy service

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory
