General

  • Target

    fcbea1b11cda328aca2a57222ef475a4_JaffaCakes118

  • Size

    473KB

  • Sample

    240928-vglbcaygkh

  • MD5

    fcbea1b11cda328aca2a57222ef475a4

  • SHA1

    48cc708b44ef61bbb172ff4c1d58d1961901ac19

  • SHA256

    1bbf68c60956d41b0f92005b14390c63e1219ce1a29a0849a7fdaaf64dab0bf2

  • SHA512

    2c95fbd1dbd796a6201fc9eb4fe1bd524cc4c694c86358f781a8f8274afbe2a46579f9f4a274898b529c04c79e0450889989c455cc7b166509114e772903ddbc

  • SSDEEP

    12288:EnuB5G1M6QQ3icvwzJEMuaBGZf348hg6DTKy:EnjV4VEXa0Zf3xhgYT5

Malware Config

Targets

    • Target

      fcbea1b11cda328aca2a57222ef475a4_JaffaCakes118

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Loads a kernel module

      Loads a Linux kernel module, potentially to achieve persistence

    • Writes file to user bin folder

    • Writes file to system bin folder

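The signatures above are Triage's labels for behaviour it observed in the sandbox. To show how such labels are derived from raw trace data, here is an added example (not the sandbox's own code) that parses `strace -f -o` style syscall lines and maps them onto the same five signatures: `chmod`/`chown` family calls for permissions modification, `init_module`/`finit_module` for a kernel module load, writable `open`/`openat` calls under `/usr/bin` or `/bin`-style directories for the bin-folder writes, and an `execve` of a path the trace itself opened for writing for "Executes dropped EXE". The trace lines are constructed for the example and are not from this sample; the path prefixes treated as "user bin" and "system bin" are assumptions.

```python
import re
from collections import defaultdict

# Constructed trace in `strace -f -o trace.txt` style (pid, call, args, result).
# These lines are made up to exercise the detector; they are NOT from the sample.
SAMPLE_TRACE = """\
1234 openat(AT_FDCWD, "/tmp/.x/payload", O_WRONLY|O_CREAT|O_TRUNC, 0644) = 3
1234 chmod("/tmp/.x/payload", 0755) = 0
1234 chmod("/etc/shadow", 0777) = -1 EPERM (Operation not permitted)
1234 execve("/tmp/.x/payload", ["/tmp/.x/payload"], 0x7ffd) = 0
1235 openat(AT_FDCWD, "/usr/bin/.sshd", O_WRONLY|O_CREAT, 0755) = 4
1235 openat(AT_FDCWD, "/bin/ldconfig.so", O_WRONLY|O_CREAT, 0755) = 5
1235 finit_module(6, "", 0) = 0
1235 openat(AT_FDCWD, "/etc/hostname", O_RDONLY) = 7
1235 execve("/usr/bin/id", ["id"], 0x7ffd) = 0
"""

LINE_RE = re.compile(r'^(?P<pid>\d+)\s+(?P<call>\w+)\((?P<args>.*)\)\s*=\s*(?P<ret>-?\w+)')
STR_RE = re.compile(r'"([^"]*)"')

PERM_CALLS = {"chmod", "fchmod", "fchmodat", "chown", "fchown", "fchownat", "lchown"}
MODULE_CALLS = {"init_module", "finit_module"}
WRITE_FLAGS = ("O_WRONLY", "O_RDWR")
# Assumed directory sets for the two bin-folder signatures.
USER_BIN = ("/usr/bin/", "/usr/local/bin/")
SYSTEM_BIN = ("/bin/", "/sbin/", "/usr/sbin/")


def parse_line(line):
    """Split one strace line into pid, syscall name, raw args, first string arg and result."""
    m = LINE_RE.match(line)
    if not m:
        return None
    paths = STR_RE.findall(m.group("args"))
    return {
        "pid": m.group("pid"),
        "call": m.group("call"),
        "args": m.group("args"),
        "path": paths[0] if paths else None,
        "ret": m.group("ret"),
    }


def match_signatures(trace):
    """Return {signature name: [evidence lines]} for the syscalls in `trace`."""
    hits = defaultdict(list)
    written = set()  # paths this trace opened for writing, i.e. dropped files
    for raw in trace.splitlines():
        ev = parse_line(raw)
        if not ev or ev["ret"].startswith("-"):
            continue  # unparseable or failed syscall: no behaviour happened
        call, path = ev["call"], ev["path"]
        if call in PERM_CALLS and path:
            hits["File and Directory Permissions Modification"].append(raw)
        elif call in MODULE_CALLS:
            hits["Loads a kernel module"].append(raw)
        elif call in ("open", "openat") and path and any(f in ev["args"] for f in WRITE_FLAGS):
            written.add(path)
            if path.startswith(USER_BIN):
                hits["Writes file to user bin folder"].append(raw)
            elif path.startswith(SYSTEM_BIN):
                hits["Writes file to system bin folder"].append(raw)
        elif call == "execve" and path in written:
            hits["Executes dropped EXE"].append(raw)
    return dict(hits)


if __name__ == "__main__":
    for name, lines in match_signatures(SAMPLE_TRACE).items():
        print(f"[{name}]")
        for line in lines:
            print("   ", line)
```

Two details matter when reproducing sandbox verdicts from a trace: failed syscalls (negative return) are dropped so a denied `chmod` on `/etc/shadow` does not count as a permissions change, and "Executes dropped EXE" is only raised for an `execve` of a path the same trace opened for writing, so a benign `execve` of `/usr/bin/id` is ignored.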
MITRE ATT&CK Enterprise v15

Tasks