General

  • Target

    000df2ca85024d0b43d51ac002a3f744_JaffaCakes118

  • Size

    23KB

  • Sample

    240619-xlbzks1glp

  • MD5

    000df2ca85024d0b43d51ac002a3f744

  • SHA1

    d0995bfc83c23bc69b0602fe495687b5b5efe495

  • SHA256

    f0224d033955896f123481b27a0701894b6f20b97cc4747730fd064080295fc1

  • SHA512

    d56f522c027c4bcbb7e14754bd163b0c57cb96ba294ee08455555e801da1c8c006f92c8aa704e656f7d3cb2b0898657368e55ac55e8bbaacab5d44180671c64b

  • SSDEEP

    384:/yVlNjtU2eGg45LX0RLbcMYB6+h4N8/rNFu6OLthHgED+ezEZy2mP9:6VlmiavyB6oN0fphHF+OEZyj

Malware Config

Targets

    • Target

      000df2ca85024d0b43d51ac002a3f744_JaffaCakes118

    • Size

      23KB

    • MD5

      000df2ca85024d0b43d51ac002a3f744

    • SHA1

      d0995bfc83c23bc69b0602fe495687b5b5efe495

    • SHA256

      f0224d033955896f123481b27a0701894b6f20b97cc4747730fd064080295fc1

    • SHA512

      d56f522c027c4bcbb7e14754bd163b0c57cb96ba294ee08455555e801da1c8c006f92c8aa704e656f7d3cb2b0898657368e55ac55e8bbaacab5d44180671c64b

    • SSDEEP

      384:/yVlNjtU2eGg45LX0RLbcMYB6+h4N8/rNFu6OLthHgED+ezEZy2mP9:6VlmiavyB6oN0fphHF+OEZyj

    • Modifies firewall policy service

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks