General
-
Target
6907d15079b8ccb4578bd9520d7be07f_JaffaCakes118
-
Size
404KB
-
Sample
240522-3py66sdf27
-
MD5
6907d15079b8ccb4578bd9520d7be07f
-
SHA1
bdfff360edba4e26395daf7478f89089b25ebbd1
-
SHA256
06d01a18da28ef77227a99aee09a3c9dd987cf10a9c04a589e7297e3ee7c6f6e
-
SHA512
3cbf365db2c762f9110482c9b4171db75ba20f420776b66a8f6814b6831493c8cb93a0a7dfe026c122e8cadb6d75a09cf7dd336f71ec7e599047da953312675a
-
SSDEEP
6144:sI3yr7RfBT/29KtpcCt+zxVMke5HROxmVHVvIXTEscuQdm5dWty7RGCx4RgpRQhU:sIKBT/2Q1qM/5xOcuW47RVoQed
Static task
static1
Behavioral task
behavioral1
Sample
6907d15079b8ccb4578bd9520d7be07f_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
6907d15079b8ccb4578bd9520d7be07f_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
6907d15079b8ccb4578bd9520d7be07f_JaffaCakes118
-
Score
10/10
-
Modifies firewall policy service
-
Adds policy Run key to start application
-
Modifies Installed Components in the registry
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3
Registry Run Keys / Startup Folder
3
Create or Modify System Process
1
Windows Service
1