General
-
Target
ad5337a5e1b7448b3e37522535695244_JaffaCakes118
-
Size
434KB
-
Sample
240615-h9yqxswbrp
-
MD5
ad5337a5e1b7448b3e37522535695244
-
SHA1
43c83c5d1dd6a4ebbb47123bf3d43a23ec04efe9
-
SHA256
44cf0eeda0dd2519ce6b947fc1b2bbe931f6ff57566522d67f7f9217b3239d69
-
SHA512
b68f8beb1fee7a17a92b3c26abcb1261183a76233694ba9c2ca0ddc6e8d8074d03102ec0ae43463f06fda0b1306c3b28268303582e04d8fa5f1f1f6f15d543c5
-
SSDEEP
6144:hTkuH6nvfJ0iiiRaW7eNOV5FmHgYqRx2mVTEK1PJH+6r36m0tgGonVcH3rfUO1mk:SuH6vh0i37TF8bCxBVQKf36mMqV2fUO
Malware Config
Targets
-
-
Target
PRsetup.pkg
-
Size
381KB
-
MD5
c4ed12230c41427f7a81b1741b051d35
-
SHA1
8480836f6bf9e96cad0767fc29bc55743ea22adf
-
SHA256
6fef7aa234ad9c486ba18318d11db8643eb1a909988a2b076ecb6453ef4b42bd
-
SHA512
c2cc3dd92c5694ddb13c01cb27e00d732ae28f36baad66ed932f1962b4c20bc5957240b379206be852c44b95b8276ef4271691aca05f1422241609ce69d15e7e
-
SSDEEP
6144:RTkuH6nvfJ0iiiRaW7eNOV5FmHgYqRx2mVTEK1PJH+6r36m0tgGonVcH3rfUO1me:CuH6vh0i37TF8bCxBVQKf36mMqV2fUOf
Score7/10-
File Permission
Adversaries may modify file permissions/attributes to evade access control lists (ACLs) and access protected files.
-
Installer Packages
Adversaries may establish persistence and elevate privileges by using an installer to trigger the execution of malicious content. Installer packages are OS specific and contain the resources an operating system needs to install applications on a system.
-
File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity. Malware, tools, or other non-native files dropped or created on a system by an adversary (ex: Ingress Tool Transfer) may leave traces to indicate to what was done within a network and how. Removal of these files can occur.
-