General

  • Target

    38f0bfe93b83fa03711806ff3a151705_JaffaCakes118

  • Size

    19KB

  • Sample

    241012-hwz2tstejp

  • MD5

    38f0bfe93b83fa03711806ff3a151705

  • SHA1

    64b2d35167eef1a9714e28567b736ead3875a537

  • SHA256

    48460484b277b57a3d3bb194f96ba0780b26060a17942a192b0ba0121e6a0a4b

  • SHA512

    4b02825523da49d12cc80b182ecb602cba4adbc21c11355e58b4275109c636a3ea5d67f4651a64eb2837efb37d6c5dd8f9406aca39406d5cfa272503f51e074b

  • SSDEEP

    384:IPyZNjtU2mO4MEWPkyEpUsYHY5m5A43Kdjjp2XW4jKtozElMxVPG:YyZvEEks0kjkoElMxU

Malware Config

Targets

    • Target

      38f0bfe93b83fa03711806ff3a151705_JaffaCakes118

    • Modifies firewall policy service

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks