General

  • Target

    0013f432b024e4eafc2ff1eabefa0a13_JaffaCakes118

  • Size

    22KB

  • Sample

    240619-xp9p1sxdkh

  • MD5

    0013f432b024e4eafc2ff1eabefa0a13

  • SHA1

    8b749d5ee05f0589754f8588ef07a8908d9d27b3

  • SHA256

    12920a9d293a25236f5ea8f6ee517d7f264f176d07576282f1d3bacfc2c23fb8

  • SHA512

    61549f6a00e93e14fc4f92ef457d14672ba0e23ab11d9caa8258d078e1096248fd414388844c37b3758cfc158167ba130445702d059b03208679bbc94d27c54c

  • SSDEEP

    384:vPyZNjtU2mPgALpGhWKxl61oMojjZQddhzxZeeCn3N:3yZWrpDKmotSddlxZetd

Targets

    • Target

      0013f432b024e4eafc2ff1eabefa0a13_JaffaCakes118

    • Modifies firewall policy service

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
