General

  • Target

    001252f3420ba6fbccc52dced16c6b7c_JaffaCakes118

  • Size

    25KB

  • Sample

    240619-xpbszsxcnh

  • MD5

    001252f3420ba6fbccc52dced16c6b7c

  • SHA1

    6d840d0e9507588e34a26eb3bb73b8fd2f1503a9

  • SHA256

    ec11eaa530b065d39cd2c0150860b290ead9f71da820726b647e558481c0cf47

  • SHA512

    165ae75d685e4317d62f85ffd70f488e6fbbfe7397b41714240141581df11b923ba108565d59d1b6f029933bec4ce235130dfc7fdb4b38f95bdda957eea436a6

  • SSDEEP

    384:9dD9d6G43iQQrEouVlyvK8su4Q45VFsCXa5qjJ3EmpN4z61r6yT7JpQN:9DLSyvFH4Vu5qJLa61GyT8

Malware Config

Targets

    • Target

      001252f3420ba6fbccc52dced16c6b7c_JaffaCakes118

    • Size

      25KB

    • MD5

      001252f3420ba6fbccc52dced16c6b7c

    • SHA1

      6d840d0e9507588e34a26eb3bb73b8fd2f1503a9

    • SHA256

      ec11eaa530b065d39cd2c0150860b290ead9f71da820726b647e558481c0cf47

    • SHA512

      165ae75d685e4317d62f85ffd70f488e6fbbfe7397b41714240141581df11b923ba108565d59d1b6f029933bec4ce235130dfc7fdb4b38f95bdda957eea436a6

    • SSDEEP

      384:9dD9d6G43iQQrEouVlyvK8su4Q45VFsCXa5qjJ3EmpN4z61r6yT7JpQN:9DLSyvFH4Vu5qJLa61GyT8

    • Modifies firewall policy service

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks