General

  • Target

    7f044c12ec9e3d8be0f225b01c58ab1f_JaffaCakes118

  • Size

    18KB

  • Sample

    241030-nh3tfstnap

  • MD5

    7f044c12ec9e3d8be0f225b01c58ab1f

  • SHA1

    a9f6a0a6458ee7a39df7de6fbe1f57438085ece4

  • SHA256

    df02e376bbc7e3418947b20c93a0905ca6baa0f6dd1c90d20857888d7391c6c3

  • SHA512

    b35a18b0f39637efb634a3aa75e467a96e46b7a90fdc8909cff0a098cc19c351dbc9993f6faa5fcadc1363bce08043fc5d4e1884047021365980535b6e78236b

  • SSDEEP

    384:AMOCn9T8qcUiPhuEkG1x2ajKuAuqMintR30J/v:A6TFcTPhuENjhjDAuqM+tVO

Targets

    • Drops file in Drivers directory

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Deletes itself

    • Loads dropped DLL

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
