General

  • Target: 000d178b4b70a2335558198a89516047_JaffaCakes118

  • Size: 512KB

  • Sample: 240619-xkpt2s1gjk

  • MD5: 000d178b4b70a2335558198a89516047

  • SHA1: 9e1028c7d178d8e70230b5e3fd0cbd22c1c0810d

  • SHA256: 0fbd86acfeee378a67c93a5532bfee16a4633f1fa28751ec5d6689c7ed12a5bc

  • SHA512: 3a39066d9ebb279d1d58b6db77935cc458d91221cd3b6d6db537a4225108d622fc289f459c5eb46fa74bc680cac6197ce47dee8175c0f20f00496444d45b700d

  • SSDEEP: 384:gPyZNjtU2mW4MLfyHzyGxZQVAec0Sjh7IUEgKGasKzEIgs6pP3:wyZHT2nqVV8h7I7G8EIgjZ

Malware Config

Targets

    • Target: 000d178b4b70a2335558198a89516047_JaffaCakes118 (hashes as listed under General above)

    • Modifies firewall policy service

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks