General

  • Target

    0013f881c3d314fc16c3b5bf8ab3a60c_JaffaCakes118

  • Size

    23KB

  • Sample

    240619-xqabjsxdlc

  • MD5

    0013f881c3d314fc16c3b5bf8ab3a60c

  • SHA1

    65d9fae598b3ac286e8551e400635477ebf82ab6

  • SHA256

    a48763346f3b202beace9b47a9a95d7c83159899c709604e140ded23beca47be

  • SHA512

    8e9ffae87b7251757b4e6e12aee29800250b0198c54150b55132b0408431b8a483dfc9d206dc264baaba97b701dfdf4ebf4ac14762db55f6c4f8c8dc1f4ff73b

  • SSDEEP

    384:TidD9d6GAm2QBzXoi+V+Ma3LfU24Gv3jr5Jw2E9zEiuu4nrt9m:GK6nJj3LZLrjwREiuuCt9m

Malware Config

Targets

    • Modifies firewall policy service

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15