General

  • Target

    000cd613b6d5fecbf516fd1c6ed053bf_JaffaCakes118

  • Size

    516KB

  • Sample

    240619-xklgma1frq

  • MD5

    000cd613b6d5fecbf516fd1c6ed053bf

  • SHA1

    cd9461f6705d40ff1f26a663240107bfe06ce1c8

  • SHA256

    f3917940d647704060e24f86f18051b70b9ec442ef28f83080aeb68069ac38c8

  • SHA512

    4831392bd40f9f3d6ea9c58e02295dc57653113c7f23d4d0fee687913f7611487b9a44eba74027f6188c17cf40c20addad09ff2bb3086da4b7f9b1eb30b5e938

  • SSDEEP

    384:KdD9d6G4q6gkfkfD1bzU4jLfKwjabg3IJCkjCh/C7ESICBzgI2Rjc1kXMM:KaDf21HVLf3G5X6KVFgI6F

Malware Config

Targets

    • Modifies firewall policy service

      The sample was observed changing Windows Firewall policy settings, weakening the host's network filtering before or while it establishes its own persistence. This behaviour maps to ATT&CK T1562.004 (Impair Defenses: Disable or Modify System Firewall).

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes (ATT&CK T1546.010). The DLL paths come from the AppInit_DLLs value under HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows (and the Wow6432Node copy for 32-bit processes) and are loaded by user32.dll into every process that links it while LoadAppInit_DLLs is set to 1. Caveat for triage: on Windows 8 and later the AppInit_DLLs mechanism is disabled when Secure Boot is enabled, so this persistence only takes effect on older or non-Secure-Boot hosts.

    • Drops file in System32 directory

      Writing into %SystemRoot%\System32 requires administrative rights and places the dropped file under a trusted system path. A file dropped here and then referenced from AppInit_DLLs is a stronger indicator than either event on its own.
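The three signatures above can be reproduced as host-based detections over Sysmon telemetry. The following is an added example (not the sandbox's own signature code) that runs the checks over a constructed set of Sysmon-style events: Event ID 13 (registry value set, with TargetObject and Details) and Event ID 11 (file create, with TargetFilename) are the real Sysmon event types; the sample paths, the process name sample.exe and the file name helper.dll are invented for the demonstration and are not taken from this report. It also correlates a System32 drop with a later AppInit_DLLs registration, which is the chain a practitioner would want to confirm during triage.

```python
"""Detection of AppInit DLL persistence, firewall policy changes and
System32 drops over Sysmon-style events.  Added example; the events below
are constructed, not taken from the sandbox run."""
import re

# Registry locations the signatures key on (matched case-insensitively).
APPINIT_KEY_RE = re.compile(
    r"\\(Wow6432Node\\)?Microsoft\\Windows NT\\CurrentVersion\\Windows\\"
    r"(AppInit_DLLs|LoadAppInit_DLLs|RequireSignedAppInit_DLLs)$",
    re.IGNORECASE,
)
FIREWALL_KEY_RE = re.compile(
    r"\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\", re.IGNORECASE
)
SYSTEM32_RE = re.compile(r"^[A-Za-z]:\\Windows\\System32\\", re.IGNORECASE)

# Constructed Sysmon-like events (EventID 13 = registry value set,
# EventID 11 = file create).  sample.exe and helper.dll are hypothetical.
SAMPLE_EVENTS = [
    {"EventID": 11, "Image": r"C:\Users\user\Desktop\sample.exe",
     "TargetFilename": r"C:\Windows\System32\helper.dll"},
    {"EventID": 13, "Image": r"C:\Users\user\Desktop\sample.exe",
     "TargetObject": r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs",
     "Details": r"C:\Windows\System32\helper.dll"},
    {"EventID": 13, "Image": r"C:\Users\user\Desktop\sample.exe",
     "TargetObject": r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\LoadAppInit_DLLs",
     "Details": "DWORD (0x00000001)"},
    {"EventID": 13, "Image": r"C:\Users\user\Desktop\sample.exe",
     "TargetObject": r"HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\EnableFirewall",
     "Details": "DWORD (0x00000000)"},
    # Benign noise that must not fire.
    {"EventID": 11, "Image": r"C:\Windows\System32\svchost.exe",
     "TargetFilename": r"C:\Users\user\AppData\Local\Temp\log.txt"},
    {"EventID": 13, "Image": r"C:\Windows\explorer.exe",
     "TargetObject": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden",
     "Details": "DWORD (0x00000001)"},
]


def classify(event):
    """Return (signature name, ATT&CK technique id or None) for a matching
    event, or None when the event is not interesting."""
    if event.get("EventID") == 13:
        target = event.get("TargetObject", "")
        if APPINIT_KEY_RE.search(target):
            return ("Event Triggered Execution: AppInit DLLs", "T1546.010")
        if FIREWALL_KEY_RE.search(target):
            return ("Modifies firewall policy service", "T1562.004")
    elif event.get("EventID") == 11:
        if SYSTEM32_RE.match(event.get("TargetFilename", "")):
            return ("Drops file in System32 directory", None)
    return None


def detect(events):
    """Run classify() over an event stream and return the findings."""
    findings = []
    for ev in events:
        hit = classify(ev)
        if hit:
            findings.append({
                "signature": hit[0],
                "technique": hit[1],
                "image": ev.get("Image"),
                "target": ev.get("TargetObject") or ev.get("TargetFilename"),
                "details": ev.get("Details"),
            })
    return findings


def appinit_chain(findings):
    """Correlate: return dropped System32 paths that were later registered
    in AppInit_DLLs.  A drop followed by registration is a much stronger
    persistence indicator than either event alone."""
    dropped = {f["target"].lower() for f in findings
               if f["signature"].startswith("Drops")}
    chain = []
    for f in findings:
        if f["technique"] != "T1546.010" or not f["details"]:
            continue
        # AppInit_DLLs may hold several paths separated by spaces or commas.
        for path in re.split(r"[ ,]+", f["details"].strip()):
            if path.lower() in dropped:
                chain.append(path)
    return chain


if __name__ == "__main__":
    hits = detect(SAMPLE_EVENTS)
    for f in hits:
        print(f"[{f['technique'] or '-'}] {f['signature']}: {f['target']} <- {f['image']}")
    print("AppInit DLL persistence chain:", appinit_chain(hits))
```

On a real host the same regexes can be applied to Sysmon events pulled from the Microsoft-Windows-Sysmon/Operational channel; the LoadAppInit_DLLs and RequireSignedAppInit_DLLs values are matched as well, since flipping them is how an attacker re-enables the mechanism or removes the signing requirement.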

MITRE ATT&CK Enterprise v15

Tasks