General

  • Target

    0014b2b28526b06b834b1358f685bfe4_JaffaCakes118

  • Size

    515KB

  • Sample

    240619-xqqnjaxdmg

  • MD5

    0014b2b28526b06b834b1358f685bfe4

  • SHA1

    471ee6625f52bf0a01c29c10bfc664ff1b86a0c5

  • SHA256

    55330baa5e0c5389dc4755e3144067a63fa9ceed543bb30357400cb5ff31f99c

  • SHA512

    0850655c1dab7cc24c7f6bbb13974fa8f32a21575d929369cb817a7a35682a99f4b24f495eb7b036bac6c686f62f248b9efb90694e391ef0bd78c6958564a8a7

  • SSDEEP

    384:PdD9d6G4KwTrzMdusiBdCcK7anY3tAEjR+E8ZzXtr1o0B:PrkXMdKdCcQ3mkR6XtZo2

Malware Config

Targets

    • Modifies firewall policy service

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks