General

  • Target

    611f0aa675ea4c925ca62a0c7ffcb102_JaffaCakes118

  • Size

    108KB

  • Sample

    240721-ybvvdatdmm

  • MD5

    611f0aa675ea4c925ca62a0c7ffcb102

  • SHA1

    12293dabe5b5d7be2a84c3fd7843ac9ac027a82b

  • SHA256

    083064afe391297891afda40df5e0967d98dd1d4778443e86b25725d428eb89e

  • SHA512

    db85610cae42b18d831f037076855a6407317acc64555ac9639700d7a409c10837ba934ce7468b3d5634e3cd1edbfd1d08d30960bd3b06d3382913b6fbe983fe

  • SSDEEP

    3072:DVqFOW20dnMDr9cW3LDXcnsQk1QFIeo4VLmboJlId:n0dnMdl3LDsnCkLV6cId

Targets

    • Target

      611f0aa675ea4c925ca62a0c7ffcb102_JaffaCakes118

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
