General

  • Target

    000f00ec0f7a61c6728cfc71a2ae4163_JaffaCakes118

  • Size

    22KB

  • Sample

    240619-xl6h7a1gpj

  • MD5

    000f00ec0f7a61c6728cfc71a2ae4163

  • SHA1

    16ecc4b4d360b98114ca7d2fb9158047e04f162d

  • SHA256

    5dbf3d8894bce96d559016b910bcbf7b5099e97e666856c9f84a90cd46696f36

  • SHA512

    5d1225238c6f81a4b882843ff07865f799eabd4b880d44e08412598a3271bde654febd826ee1b8bbf5451fb9d988e7bd5c572615a0aeb5fa0cc16e6bd857f841

  • SSDEEP

    384:9yVlNjtU2etUARTXE92hJ+uZq3HlMz7EF3UjQY3clpzx/yUObzt80:AVl7aU6J+uZqXE7/QY3ax/yD20

Malware Config

Targets

    • Target

      000f00ec0f7a61c6728cfc71a2ae4163_JaffaCakes118

    • Modifies firewall policy service

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
