General

  • Target

    000f5e2e3222dcfad7c7d6b7114f8ac6_JaffaCakes118

  • Size

    23KB

  • Sample

    240619-xmbefaxbpf

  • MD5

    000f5e2e3222dcfad7c7d6b7114f8ac6

  • SHA1

    394c3d26c2adcce9a7e7f25ddcb7c074028f43ea

  • SHA256

    2ca33b70d70e44323e6fccf44fe9fc249a515fd2f450239576b5339d3899afc0

  • SHA512

    f22ad846c1b73eb96defdbfcf4649b0b46401953da4b7b1b5256ec38c56732e8e72839c5d40234ff162629141f2658cec0f7165b9f52866b2d93aaadc8451940

  • SSDEEP

    384:hyVlNjtU2eepYEkolZyqrqmQjXyMrYVij5NRECI4E7zEFEAUR2mAJ:EVlTVlZ9iiqYk5N9IvXEFEAO8

Targets

    • Target

      000f5e2e3222dcfad7c7d6b7114f8ac6_JaffaCakes118

    • Modifies firewall policy service

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
