General

  • Target

    0012df165ed7738f989d854d11cd86c7_JaffaCakes118

  • Size

    23KB

  • Sample

    240619-xpngsaxcqc

  • MD5

    0012df165ed7738f989d854d11cd86c7

  • SHA1

    a6ed5c9db3adf019832bc932c663f92428db5858

  • SHA256

    bb6cbe552a2732654f20efc80f2f6080d127f5d847a73b41965e10fe49ce2282

  • SHA512

    1cff9ef36032e1f2cbc059e6802957fc06b3b102abc2c86a4aa1f3af8cf5d56cdce32a0a25460374be4df685c171c19cb3a1ed5904d65a419b10f81cfec0d06c

  • SSDEEP

    384:tidD9d6GArO45TlZcfkZmQt6aOJWj1o3asE9AzotW3RwB6:srK30ceJGuKTAotWBf


Targets

    • Target

      0012df165ed7738f989d854d11cd86c7_JaffaCakes118


    • Modifies firewall policy service

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
