General

  • Target

    000ed345555cac822af47bb62790d43b_JaffaCakes118

  • Size

    22KB

  • Sample

    240619-xl1myaxbnd

  • MD5

    000ed345555cac822af47bb62790d43b

  • SHA1

    b88ed6e771bff0a24c8b10012512cce32e2c1a90

  • SHA256

    8d0a51e82d74276237f56e1ce0fe407fbaf2b924bcbc6961b89f47212de219dd

  • SHA512

    07eec844fabce91eb0b58b6b02c83fe563967efc4b3e337202c2f10c32392b5d5f44ba52518d2b58d7480fd1d0f5164e0c0aedd9ba3d30966c6182ff00ea8de5

  • SSDEEP

    384:ByVlNjtU2eRlAbAV8CzQ+YxM6ZjzEarYnjgeL8+0E6miTmzE7HjUIO8fCR:kVlSdbQZAgYjg08+YZWE7HjUeKR

Targets

    • Target

      000ed345555cac822af47bb62790d43b_JaffaCakes118

    • Modifies firewall policy service

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory
