General

  • Target: 06c75fee25f8b4c143053101e5aa0811_JaffaCakes118
  • Size: 44KB
  • Sample: 240620-rpddxswepk
  • MD5: 06c75fee25f8b4c143053101e5aa0811
  • SHA1: d441e93dc0e1f7afc8e05c6bd873e17de4148531
  • SHA256: 4818999fa01bc4f30a11b829cfedd8afbbc8b8c9d98e1fc5a90e655be29a0694
  • SHA512: 87207180955cfd446cc88300c155b2dda1191c13e45af430b903f72f166d465ffd33f06917563105090c188790441e54947b76ab659090e83e6e771e4d0204b6
  • SSDEEP: 768:vhfsv8IoKa6A2l38GzojKDlBucKqe2zpKxR6KkhHR:vJs1oAAiMG7i5h2zpGe

Score: 10/10

Malware Config

Extracted
  • Family: metasploit
  • Version: encoder/fnstenv_mov (this is the name of Metasploit's x86 Fnstenv/mov Dword XOR encoder; the extractor reports the encoder it recognised in the Version field, not a Metasploit release number)
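As an added example (not code from the sandbox report or from the Metasploit project), the following Python scanner finds the fldz / fnstenv [esp-0xc] GetPC sequence that the fnstenv_mov encoder relies on and then XOR-decodes a dword-keyed body. The GetPC bytes themselves (D9 EE D9 74 24 F4) are the real x86 encoding of those two instructions; the layout assumed after them (a one-byte dword count, a 4-byte little-endian key, then the encoded body) and the sample buffer are constructed for this demo and are not the exact stub bytes Metasploit emits.

```python
"""Added example: locate fldz/fnstenv GetPC stubs and XOR-decode a dword-keyed body.

Not code from the sandbox report or from Metasploit. The stub layout after the
GetPC bytes (1-byte dword count, then 4-byte LE key, then the encoded body) is a
hypothetical simplification for this demo, not Metasploit's exact stub.
"""
import struct

# fldz ; fnstenv [esp-0xc]: fnstenv writes the 28-byte FPU environment so that
# the saved FPU instruction pointer (the address of fldz) lands at [esp], and a
# following pop gives the stub its own address without a call/pop pair.
FNSTENV_GETPC = bytes.fromhex("d9eed97424f4")


def find_fnstenv_getpc(buf: bytes) -> list[int]:
    """Return every offset in buf where the fldz/fnstenv GetPC sequence begins."""
    hits, start = [], 0
    while (i := buf.find(FNSTENV_GETPC, start)) != -1:
        hits.append(i)
        start = i + 1
    return hits


def xor_dword(blob: bytes, key: int) -> bytes:
    """XOR blob against a repeating little-endian 32-bit key.

    This is the per-dword XOR the decoder loop performs; it is its own inverse.
    """
    k = struct.pack("<I", key)
    return bytes(b ^ k[i % 4] for i, b in enumerate(blob))


def build_stub(payload: bytes, key: int) -> bytes:
    """Constructed encoder producing the hypothetical layout described above."""
    if len(payload) % 4 or not 0 < len(payload) // 4 < 256:
        raise ValueError("payload must be 1..255 whole dwords")
    return (FNSTENV_GETPC + bytes([len(payload) // 4])
            + struct.pack("<I", key) + xor_dword(payload, key))


def recover_payloads(buf: bytes) -> list[tuple[int, int, bytes]]:
    """For each GetPC hit, read count and key and decode exactly count dwords.

    Returns (stub_offset, key, decoded_body); truncated stubs are skipped.
    """
    out = []
    for off in find_fnstenv_getpc(buf):
        hdr = off + len(FNSTENV_GETPC)
        if hdr + 5 > len(buf):
            continue
        count = buf[hdr]
        key = struct.unpack_from("<I", buf, hdr + 1)[0]
        body = buf[hdr + 5 : hdr + 5 + count * 4]
        if len(body) != count * 4:
            continue
        out.append((off, key, xor_dword(body, key)))
    return out


# Constructed sample: NOP sled, encoded stub, padding. Not bytes from the real file.
SAMPLE_KEY = 0xDEADBEEF
SAMPLE = b"\x90" * 5 + build_stub(b"MSF-demo-payload", SAMPLE_KEY) + b"\x00" * 3

if __name__ == "__main__":
    for off, key, body in recover_payloads(SAMPLE):
        print(f"stub at {off:#x} key={key:#010x} body={body!r}")
```

The GetPC search alone is a useful triage signal on its own: the fldz/fnstenv pair is rare in ordinary compiled code, so hits in a 44KB binary are worth following up even when the surrounding stub does not match the simplified layout assumed here.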

Targets

    • Target: 06c75fee25f8b4c143053101e5aa0811_JaffaCakes118

    Score: 6/10
    • Adds Run key to start application
    • Drops file in System32 directory

MITRE ATT&CK Matrix (ATT&CK v13)

Persistence
  • T1547 Boot or Logon Autostart Execution (1)
    • T1547.001 Registry Run Keys / Startup Folder (1)

Privilege Escalation
  • T1547 Boot or Logon Autostart Execution (1)
    • T1547.001 Registry Run Keys / Startup Folder (1)

Defense Evasion
  • T1112 Modify Registry (1)

Tasks