General

  • Target: 00139a122194926e51adc54b68523656_JaffaCakes118
  • Size: 524KB
  • Sample: 240619-xp4trsxdkc
  • MD5: 00139a122194926e51adc54b68523656
  • SHA1: b87c4017e1b1a858f9f096cb672eb3341d7df40d
  • SHA256: e9a39ba49aa91f50c076287856e2fd7b67d89e4bd2076e7c1c21a9130f6a6de6
  • SHA512: 7282228ce589e6a0e3c494a394d7510aa03a64a6c08378479c8eea9266695b63c2afe1ded4213062d15efb9b25686eb50d03f4d90d530d0c36a1f6baa8a3955f
  • SSDEEP: 384:uGdaFciz4Wb3HXLdW1pitCexvpGWKBqvlaNE+FSzVUzRDhAYYO7vX20sLa/kK0kE:uG097bQACXWm6lajRD46O0sBK0oyW9Le

Malware Config

Targets

    • Modifies firewall policy service

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15