General
-
Target
3d370e723292863b66df4dc9c078c54a_JaffaCakes118
-
Size
116KB
-
Sample
240712-nqndqstfnc
-
MD5
3d370e723292863b66df4dc9c078c54a
-
SHA1
c449db767ef3aec41e1dd9ade4d7848585d34b0b
-
SHA256
247bf157e683c370aa9d355da0fca95c2f2934110390bd69b7531f16d60eeb62
-
SHA512
f7b3a854fd655ec82516ce6a12e06f4a4f38b5fe57643abab6cd751764b48d88c661a5965fb8dc4783c74acca5db2a080fedc73d75a19d75c30e167c07949321
-
SSDEEP
1536:Ww2lTPGB6ZlSs8lXcwsfeGF2Upi+Y8NjgYqor7p0dFfulVJQicacrHtKWUi5ek4G:sTP8lXHNVUgVhcFDcrHoWUike
Malware Config
Targets
-
-
Target
3d370e723292863b66df4dc9c078c54a_JaffaCakes118
-
Size
116KB
-
MD5
3d370e723292863b66df4dc9c078c54a
-
SHA1
c449db767ef3aec41e1dd9ade4d7848585d34b0b
-
SHA256
247bf157e683c370aa9d355da0fca95c2f2934110390bd69b7531f16d60eeb62
-
SHA512
f7b3a854fd655ec82516ce6a12e06f4a4f38b5fe57643abab6cd751764b48d88c661a5965fb8dc4783c74acca5db2a080fedc73d75a19d75c30e167c07949321
-
SSDEEP
1536:Ww2lTPGB6ZlSs8lXcwsfeGF2Upi+Y8NjgYqor7p0dFfulVJQicacrHtKWUi5ek4G:sTP8lXHNVUgVhcFDcrHoWUike
Score10/10-
Modifies firewall policy service
-
Blocklisted process makes network request
-
Modifies Windows Firewall
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
2Windows Service
2Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Create or Modify System Process
2Windows Service
2Event Triggered Execution
1Netsh Helper DLL
1