General

  • Target

    447db6d53161d18d2043bec9f7139c41_JaffaCakes118

  • Size

    13KB

  • Sample

    241014-2frv3azcqb

  • MD5

    447db6d53161d18d2043bec9f7139c41

  • SHA1

    8ed5bb1bdb0af580d4326cd2a45321f49328ff22

  • SHA256

    3ebd04e8967791daeae15a1f7c63085b074329ec3fe0c859aee9c33cee62dd2f

  • SHA512

    8f853af2181a57f73b8424200b55f015347dc9045ca3ab1be6fe227492ccf438decdc273081a1b12c817af7ebaea84d419c1d307dcbd691b04c1791e6479eeda

  • SSDEEP

    192:GVwFKcSZrQRStGz2Suxlw94h7iTsTZ1a+MS:TF1SZrQRoxlwO7iMZ1a+

Malware Config

Targets

    • Target

      447db6d53161d18d2043bec9f7139c41_JaffaCakes118

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • OS Credential Dumping

      Adversaries may attempt to dump credentials to use them in password cracking.

    • Abuse Elevation Control Mechanism: Sudo and Sudo Caching

      Abuse sudo or cached sudo credentials to execute code.

MITRE ATT&CK Enterprise v15

Tasks