General

  • Target

    000f63f8a246ca43134d15df5e8a2d05_JaffaCakes118

  • Size

    392KB

  • Sample

    240619-xmcbqs1gpq

  • MD5

    000f63f8a246ca43134d15df5e8a2d05

  • SHA1

    31d9f267fdd7a1e75b416a7b05b8dc96018ba7ac

  • SHA256

    c062c16cf3db63c9cdd5d24bd66404c7cb57339a77d98dcff105806fc7ad75af

  • SHA512

    5de842679cc094a861810003b496f0676724b90d268bb4c897fd5d878660b8998d8954d96c47ac7df71e47f663638d2d44f7a6b38a1d4617fa65b5d8c7fdad75

  • SSDEEP

    384:GidD9d6GAr+4JPr1MVa06K96gS0Av6icErLUj6IECKySMzEWaoH:/LO1NKTpnaXU6z5sEWao

Targets

    • Target

      000f63f8a246ca43134d15df5e8a2d05_JaffaCakes118

    • Modifies firewall policy service

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
