General

  • Target

    0012c5e547b0b09b1726fe201785e632_JaffaCakes118

  • Size

    20KB

  • Sample

    240619-xpkqws1hrj

  • MD5

    0012c5e547b0b09b1726fe201785e632

  • SHA1

    7c0d6616d7795537c7cc5e7376f0699b4eea1da7

  • SHA256

    e6cbff6de16a59ad14f13c13c9ce0b0740c88ed0f071f2ce8f5fdb68e23cf881

  • SHA512

    c0c669ae3b7c8a2b3c75bddc834f64ee89db5e5471afb6bd7f90e0f482fd4fed0ae9199d4f4dbfe5d8174c48449f69a0b3d20feeb8c1f789cd944b6eb67a666a

  • SSDEEP

    384:rPyZNjtU2m/gxDwGpmEs1C1PNskqEjHbzEiqrRSEXH:zyZmKl5kC1V7XEiqrRS8H

Targets

    • Modifies firewall policy service

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
