General

  • Target

    0014da591597b307fb99c7308a8d7da0_JaffaCakes118

  • Size

    25KB

  • Sample

    240619-xqtp7asamk

  • MD5

    0014da591597b307fb99c7308a8d7da0

  • SHA1

    28a21272464cda828dafcf52990df7d93d08843c

  • SHA256

    54a2bdcfd8217a19d2b1b44172681118bfe1f47056a22596188d863cb1b4382a

  • SHA512

    b2c85a90994de7d80892a2e238e68c418fe1befa73d349d04fbad3aa0f5cb273acf5e50420683ade2e48b82412e2877aecc87ae9d8541f58dcd9b934ee7cc17b

  • SSDEEP

    384:ALXTfb7njvr3zGudD9d6GaTfbnh8HDPLXXTfbnjvrYz/7HDPLXTfbnjvr3z/Surt:ADd5lAxa+A1VVnH2UiF/Pk9W

Targets

    • Target

      0014da591597b307fb99c7308a8d7da0_JaffaCakes118

    • Modifies firewall policy service

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory

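The AppInit DLLs signature above refers to the `AppInit_DLLs` value under `HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows` (and its `WOW6432Node` twin for 32-bit processes): when `LoadAppInit_DLLs` is 1, every DLL listed there is loaded into each process that loads user32.dll. The check below is an added example, not part of this sandbox report and not code from the sandbox vendor; it parses a constructed `reg query`-style dump (the DLL name `hypothetical_hook.dll` is made up for the example, not taken from the sample) and reports which view of the key has AppInit loading enabled with a non-empty DLL list, whether signing is required, and whether each DLL sits in System32, which is where the report says this sample drops a file. Caveat for triage: on Windows 8 and later with Secure Boot enabled the AppInit_DLLs mechanism is disabled entirely, so a populated value is an indicator of intent rather than proof that the DLL ever ran.

```python
"""Flag AppInit_DLLs persistence in a `reg query`-style registry dump.

Added example for illustration; not part of the sandbox report. The dump
below is constructed and the DLL path in it is hypothetical.
"""
import re
from dataclasses import dataclass

# Keys that control AppInit DLL loading: native view and the WOW64 view
# used by 32-bit processes on 64-bit Windows.
APPINIT_KEYS = (
    r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows",
    r"HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows",
)

# Constructed sample in the layout `reg query <key>` prints (assumption:
# four-space column separators). The DLL name is hypothetical.
SAMPLE_REG_DUMP = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
    AppInit_DLLs    REG_SZ    C:\Windows\System32\hypothetical_hook.dll
    LoadAppInit_DLLs    REG_DWORD    0x1
    RequireSignedAppInit_DLLs    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows
    AppInit_DLLs    REG_SZ
    LoadAppInit_DLLs    REG_DWORD    0x0
"""


@dataclass
class AppInitFinding:
    key: str            # registry key the finding came from
    dlls: list          # DLL paths listed in AppInit_DLLs
    require_signed: bool  # RequireSignedAppInit_DLLs == 1


def parse_reg_query(dump: str) -> dict:
    """Parse `reg query` text into {key_path: {value_name: (type, data)}}.

    Unindented lines are key paths; indented lines are values with columns
    separated by two or more spaces (or tabs). Missing data becomes "".
    """
    keys, current = {}, None
    for raw in dump.splitlines():
        if not raw.strip():
            continue
        if not raw.startswith((" ", "\t")):
            current = raw.strip()
            keys[current] = {}
            continue
        if current is None:
            continue  # value line before any key line; ignore
        parts = re.split(r"\s{2,}|\t+", raw.strip())
        name = parts[0]
        vtype = parts[1] if len(parts) > 1 else ""
        data = parts[2] if len(parts) > 2 else ""
        keys[current][name] = (vtype, data)
    return keys


def _dword(value) -> int:
    """REG_DWORD data is printed as hex (e.g. 0x1); absent value counts as 0."""
    if value is None or not value[1]:
        return 0
    return int(value[1], 16)


def find_appinit_persistence(dump: str) -> list:
    """Return one AppInitFinding per key view that would actually inject DLLs."""
    findings = []
    parsed = parse_reg_query(dump)
    for key in APPINIT_KEYS:
        values = parsed.get(key, {})
        dll_data = values.get("AppInit_DLLs", ("", ""))[1]
        # Windows accepts comma- or space-separated entries, so paths with
        # spaces cannot be expressed here; splitting on both is faithful.
        dlls = [d for d in re.split(r"[,\s]+", dll_data) if d]
        load_enabled = _dword(values.get("LoadAppInit_DLLs")) == 1
        require_signed = _dword(values.get("RequireSignedAppInit_DLLs")) == 1
        if dlls and load_enabled:
            findings.append(AppInitFinding(key, dlls, require_signed))
    return findings


def is_in_system32(path: str) -> bool:
    """True when the DLL lives in System32 or SysWOW64 (case-insensitive)."""
    p = path.lower().replace("/", "\\")
    return p.startswith(("c:\\windows\\system32\\", "c:\\windows\\syswow64\\"))


if __name__ == "__main__":
    for f in find_appinit_persistence(SAMPLE_REG_DUMP):
        print(f.key)
        for dll in f.dlls:
            print(f"  {dll}  system32={is_in_system32(dll)}  signed_required={f.require_signed}")
```

On a live host the same parser can be fed the output of `reg query "<key>"` for each of the two keys; the function deliberately reports nothing when `LoadAppInit_DLLs` is 0, because a populated `AppInit_DLLs` value alone does not cause injection.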
MITRE ATT&CK Enterprise v15

Tasks