General

  • Target

    000ec5747200add44c8507bb10aaad5b_JaffaCakes118

  • Size

    513KB

  • Sample

    240619-xly44s1gnp

  • MD5

    000ec5747200add44c8507bb10aaad5b

  • SHA1

    c64d347e9bdae3dfb4716399080635b7c65ceea3

  • SHA256

    12f2276a1acbe5ce65708817de2669cc53efb64d6bce2a9d8658506f2010e43a

  • SHA512

    ac434ec663bd595722767f2f30d4050313e4e040cffeef8e5316d20ec58a3c745f2aa4b0cd5408b8f85e4234bdda9b58a245cada1261b8b52ba78d9e77a625ad

  • SSDEEP

    384:32idD9d6GAH64ML/SQfx2eqt9ZVXvbcAP5vwRes5e1jMtpEP6C3pzvtdNH16n:/rTGmHqLZVDcyfxMnC9vtdDa

Targets

    • Target

      000ec5747200add44c8507bb10aaad5b_JaffaCakes118

    • Modifies firewall policy service

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory
