General

  • Target

    c079d385049eaef3f1c10fc7b3dbbfe3_JaffaCakes118

  • Size

    22KB

  • Sample

    240825-ltwheazcqn

  • MD5

    c079d385049eaef3f1c10fc7b3dbbfe3

  • SHA1

    400e98fa08722196b5b88938bde5c241b7fce828

  • SHA256

    21fc98f12f5e07c75473b7075d06970fbf6059b574d0fc376ed591acbed1d8d5

  • SHA512

    fd53f07c92749296428eb38fedfab417da60be7119b701009546f4e56f015d2a63ae87ee8c2b23eb931707e5b8ba02d038fd190ed803a7901c47385efac1222c

  • SSDEEP

    384:pv0Db8MVlcbrUNmNrYeXzkMb5Bd7JGReS+DWpF4SpAGsxn/R9giE:pvqzVW3UNmqeflLieTKFpA7npI

Targets

    • Target

      c079d385049eaef3f1c10fc7b3dbbfe3_JaffaCakes118

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
