General

  • Target

    000f750b86d4cb2485323f4b4b825604_JaffaCakes118

  • Size

    512KB

  • Sample

    240619-xmd6bsxbpg

  • MD5

    000f750b86d4cb2485323f4b4b825604

  • SHA1

    22be047dc6ce2e63409bf1be9d68d386de17c0fb

  • SHA256

    e056a8f30fcf77a077aa33186eba104c805b62e5e7ff2fc2d74f8a48f41a62ff

  • SHA512

    d93a06efad02c0ee5671dbb980fd127c5d644a464ce0eb526255dc29a7c6521ef700b771d318a19c174a7f28d2ba014be7b4c46a7f222a7bb1c93e603e50d659

  • SSDEEP

    384:gPyZNjtU2myEgkfb3yHv37ofyAbtAiVFv1rj868uPkEab5zXtxAAMSjJh:wyZeDfuEfptRFX8FuPAhXtxxMS7

Malware Config

Targets

    • Modifies firewall policy service

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks