General
-
Target
fbc68a60faf8909c467e82edf8d9be04_JaffaCakes118
-
Size
7KB
-
Sample
240420-dfp5gaee68
-
MD5
fbc68a60faf8909c467e82edf8d9be04
-
SHA1
ef15b15857fa6c0005a1818fbdd00159b0440f2e
-
SHA256
f40f37eb08e98ec56598a297217bd2df3a9684dfa5d2f77019acbf0a70c2a0ab
-
SHA512
4c1acd2a3fb624a6713c8704f60aa425f05c2c2e03920c817eebf53d496418d8546c6001fff5e59f7b3ef6796e98066bc08474bb287c280025ae9c0ba776303a
-
SSDEEP
192:Qp7tZOfko/UzxUYb9L036D/xOa1rxFNPaAO/7PG/h9o/2X:QRPoszxUWs6DJ7rxvC7PGHo/2X
Malware Config
Targets
-
-
Target
fbc68a60faf8909c467e82edf8d9be04_JaffaCakes118
-
Size
7KB
-
MD5
fbc68a60faf8909c467e82edf8d9be04
-
SHA1
ef15b15857fa6c0005a1818fbdd00159b0440f2e
-
SHA256
f40f37eb08e98ec56598a297217bd2df3a9684dfa5d2f77019acbf0a70c2a0ab
-
SHA512
4c1acd2a3fb624a6713c8704f60aa425f05c2c2e03920c817eebf53d496418d8546c6001fff5e59f7b3ef6796e98066bc08474bb287c280025ae9c0ba776303a
-
SSDEEP
192:Qp7tZOfko/UzxUYb9L036D/xOa1rxFNPaAO/7PG/h9o/2X:QRPoszxUWs6DJ7rxvC7PGHo/2X
Score8/10-
Disables Task Manager via registry modification
-
Modifies Windows Firewall
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix ATT&CK v13
Persistence
Create or Modify System Process
1Windows Service
1Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1