General

  • Target

    00105e53d40533302d7021f63d954a9a_JaffaCakes118

  • Size

    512KB

  • Sample

    240619-xmxbxa1hjn

  • MD5

    00105e53d40533302d7021f63d954a9a

  • SHA1

    9a6def1fc9c7135aea74c616a930d832bc7fd0f8

  • SHA256

    76a502b32874edf2adbb5cd77516566723a95e35ad8e396ef8e995036f91051b

  • SHA512

    1bcd4515644297dc5802bc208f8fd1402e0eff3e99c7b75352aab90cc88766f947a876fca24aa92b5dc5bcd98d0c67a5e5c98fce96e98e33f76616017b991592

  • SSDEEP

    384:JaPyZNjtU2mW4MLfyHJOy3ffj1AjaPlv1X/jl5/0Eb2UUzEIg6Ggy:oyZHT2h3D1Y+7l5/s/EIgHB

Malware Config

Targets

    • Target

      00105e53d40533302d7021f63d954a9a_JaffaCakes118

    • Modifies firewall policy service

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory
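
The AppInit DLLs signature above refers to the `AppInit_DLLs` value under `HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows` (and its `WOW6432Node` twin), which user32.dll reads in order to load the listed DLLs into every process that loads user32.dll. The Python triage script below is an added example, not part of this report or of the sandbox's own tooling: it parses a constructed .reg export (the DLL path in it is hypothetical) or, on Windows, the live registry, and reports whether loading is actually switched on (`LoadAppInit_DLLs`) and whether unsigned DLLs are allowed (`RequireSignedAppInit_DLLs`).

```python
"""Triage check for AppInit_DLLs persistence (ATT&CK T1546.010).

Reads the registry values that control AppInit DLL loading, either from a
.reg export (offline, e.g. from an acquired SOFTWARE hive) or from the live
registry on Windows, and reports which DLLs would be injected.
Added example; not code from the sandbox report.
"""
import re
import sys
from dataclasses import dataclass, field

# Native and WOW64 views of the key that holds AppInit_DLLs.
APPINIT_KEYS = (
    r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows",
    r"HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows",
)
VALUE_NAMES = ("AppInit_DLLs", "LoadAppInit_DLLs", "RequireSignedAppInit_DLLs")

# Constructed .reg export for the example; example_hook.dll is a hypothetical path.
SAMPLE_REG_EXPORT = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\System32\\example_hook.dll"
"LoadAppInit_DLLs"=dword:00000001
"RequireSignedAppInit_DLLs"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
"LoadAppInit_DLLs"=dword:00000000
"""


@dataclass
class Finding:
    key: str
    dlls: list = field(default_factory=list)
    load_enabled: bool = False
    require_signed: bool = False
    verdict: str = "clean"


def parse_reg_export(text):
    """Return {key_path: {value_name: raw_value}} from .reg export text."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            keys.setdefault(current, {})
        elif current is not None and line.startswith('"') and "=" in line:
            name, _, raw = line.partition("=")
            keys[current][name.strip('"')] = raw
    return keys


def _as_int(v):
    """DWORD from winreg (int) or from a .reg export ('dword:00000001')."""
    if isinstance(v, int):
        return v
    m = re.fullmatch(r"dword:([0-9a-fA-F]{8})", v or "")
    return int(m.group(1), 16) if m else 0


def _as_str(v):
    """String from winreg (plain) or from a .reg export (quoted, backslashes doubled)."""
    if not isinstance(v, str):
        return ""
    if v.startswith('"') and v.endswith('"'):
        return v[1:-1].replace("\\\\", "\\")
    return v


def assess(values, key):
    """Classify one key's AppInit values. Assumption: an absent LoadAppInit_DLLs
    is treated as 0; the OS default differs by Windows version, so confirm on host."""
    f = Finding(key=key)
    # AppInit_DLLs is a space- or comma-separated list of DLL paths.
    f.dlls = [p for p in re.split(r"[ ,]+", _as_str(values.get("AppInit_DLLs"))) if p]
    f.load_enabled = _as_int(values.get("LoadAppInit_DLLs")) == 1
    f.require_signed = _as_int(values.get("RequireSignedAppInit_DLLs")) == 1
    if not f.dlls:
        f.verdict = "clean"
    elif not f.load_enabled:
        f.verdict = "staged"             # DLLs listed but loading switched off
    elif f.require_signed:
        f.verdict = "active-signed-only"  # only code-signed DLLs get loaded
    else:
        f.verdict = "active-unsigned"     # every listed DLL is injected
    return f


def assess_export(text):
    keys = parse_reg_export(text)
    return [assess(keys.get(k, {}), k) for k in APPINIT_KEYS]


def assess_live():
    """Windows only: same check against the live registry. Use a 64-bit
    interpreter so the WOW6432Node path is not redirected."""
    import winreg
    out = []
    for key in APPINIT_KEYS:
        values = {}
        try:
            with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, key.split("\\", 1)[1]) as h:
                for name in VALUE_NAMES:
                    try:
                        values[name] = winreg.QueryValueEx(h, name)[0]
                    except FileNotFoundError:
                        pass
        except FileNotFoundError:
            pass
        out.append(assess(values, key))
    return out


if __name__ == "__main__":
    findings = assess_live() if sys.platform == "win32" else assess_export(SAMPLE_REG_EXPORT)
    for f in findings:
        print(f"{f.verdict:20} {f.key}\n    dlls={f.dlls} load={f.load_enabled} "
              f"signed_only={f.require_signed}")
```

Run it offline against a .reg export of the SOFTWARE hive, or directly on the suspect host. Two caveats: on Windows 8 and later with Secure Boot enabled the AppInit_DLLs mechanism is ignored regardless of these values, and the script's treatment of an absent `LoadAppInit_DLLs` as disabled is an assumption, since the default varies by Windows version. A DLL listed here that also lives in System32 would account for both the AppInit and the "Drops file in System32 directory" signatures, but this report does not name the file, so the path in the sample export is illustrative only.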

MITRE ATT&CK Enterprise v15

Tasks