General

  • Target

    000f431eddbefcaddef6e2803c39e00e_JaffaCakes118

  • Size

    481KB

  • Sample

    240619-xl8zbaxbpd

  • MD5

    000f431eddbefcaddef6e2803c39e00e

  • SHA1

    5fee593b5d9bcf47425e9bf5b6ba5d8dd62e11ae

  • SHA256

    a19fb950271cdeb49289fd172b1f2bb3deed41b13f1be9ccd7757a13f6eed04b

  • SHA512

    6c3c6685135398c568fd97f2ec3b0363d8805fe498e1c1b35a9ca2e4ae79fadde9e18168830375ae77580191919e733971ce21bf642827dd02f30166a9f7d7b3

  • SSDEEP

    384:spdNjtU2OCu5fNOXePYjlML5CKFEDo2Q/EiWTlz6nUsah:spdGVO6+EFKo2QE6nb

Malware Config

Targets

    • Target

      000f431eddbefcaddef6e2803c39e00e_JaffaCakes118

    • Modifies firewall policy service

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks