General

  • Target

    000f75178a6e333afb92e16662ddf9f0_JaffaCakes118

  • Size

    27KB

  • Sample

    240619-xmervsxbph

  • MD5

    000f75178a6e333afb92e16662ddf9f0

  • SHA1

    832ed50e98951dd64f514a32e3c81c388eed6c84

  • SHA256

    6ab13f4f217214fe87668ba6056c5ade66a5ebe973589b781d1c1b3f923748f6

  • SHA512

    a55332769eb60735e6235ab8df209d52dd3662d833f79a2d28068009b9888566eb4e1ac073e7eb329f5781f170a0a2b9402df17314db3fc6ec35f25b6a66849c

  • SSDEEP

    384:RdD9d6G42w58Mii9B1xtJ7yjscTYz4RgO0zsjBFYRa0I7jh+EXKgKwzXtxqWJvw:RHegi94NkzIgOlBGNChOQXtQWJo

Targets

    • Modifies firewall policy service

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
