General
Target: 072872e05951cf1a9b2f0621ab4663a6_JaffaCakes118
Size: 844KB
Sample: 240620-sltgeaybkp
MD5: 072872e05951cf1a9b2f0621ab4663a6
SHA1: d300ce60d007727a54a1fd7eb33ed7dda9282f44
SHA256: caa9c04f612a9758d8bc9c273496ff5b2698a98d77d87c40275d590a8e41b05b
SHA512: 372dd3207e63afc509ec7e96225acee0d39586eccff3d01b570baafe4b43b407f814bc44a98f5b9df73a81ca4bd084546b029ce4a141577011831c0b4ca66cda
SSDEEP: 24576:+cjkOjG2eC6ZaT5/Zosgs3B5e/LwIYoC5mJkRfD4/V:+hOjG2evZa1ZRgs3BybcRLy
Static task: static1
Behavioral task: behavioral1
  Sample: 072872e05951cf1a9b2f0621ab4663a6_JaffaCakes118.exe
  Resource: win7-20240508-en
Behavioral task: behavioral2
  Sample: 072872e05951cf1a9b2f0621ab4663a6_JaffaCakes118.exe
  Resource: win10v2004-20240611-en
Malware Config
Targets
Target: 072872e05951cf1a9b2f0621ab4663a6_JaffaCakes118
Size: 844KB
MD5: 072872e05951cf1a9b2f0621ab4663a6
SHA1: d300ce60d007727a54a1fd7eb33ed7dda9282f44
SHA256: caa9c04f612a9758d8bc9c273496ff5b2698a98d77d87c40275d590a8e41b05b
SHA512: 372dd3207e63afc509ec7e96225acee0d39586eccff3d01b570baafe4b43b407f814bc44a98f5b9df73a81ca4bd084546b029ce4a141577011831c0b4ca66cda
SSDEEP: 24576:+cjkOjG2eC6ZaT5/Zosgs3B5e/LwIYoC5mJkRfD4/V:+hOjG2evZa1ZRgs3BybcRLy
Score: 8/10
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key under Active Setup (HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components) on the local machine. The component's StubPath command is executed at a user's next logon whenever the per-user copy of the component under HKCU is missing or carries an older Version, so the payload runs once for every account that logs on.
- Adds Run key to start application
  Writes a value under a Run key (HKLM or HKCU ...\Microsoft\Windows\CurrentVersion\Run) so that the program is launched again at logon.
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system. MBR-locking ransomware and wipers perform the same write, so check what was actually written (boot code versus the partition table) before classifying this as a bootkit.
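The three persistence artifacts listed above can be checked on a suspect Windows host with the triage script below. It is an added example written for this page, not code from the Triage report or from the sample, and it is not tied to any indicator of this file: it lists every Active Setup component that is still pending for the current user, dumps the Run and RunOnce keys, and reads sector 0 of the first physical disk so the MBR can be hashed and compared against a baseline. `$BaselineMbrSha256` is a hypothetical placeholder for a hash recorded from a known-good image of the same machine; run the script from an elevated PowerShell 5.1 or later prompt, because the raw-disk read requires administrator rights.

```powershell
# Added host-triage script; not part of the Triage report or of the sample.
# Run from an elevated PowerShell 5.1+ prompt (the raw-disk read needs admin rights).
# $BaselineMbrSha256 is a hypothetical placeholder: fill it with the SHA-256 of a
# known-good MBR from the same host, or leave $null to just record the current hash.
$BaselineMbrSha256 = $null

function Get-ActiveSetupComponents {
    # Windows runs StubPath at logon when the per-user copy of a component under HKCU
    # is missing or has a lower Version than the HKLM entry. Any mismatch is flagged;
    # a StubPath outside %SystemRoot% or %ProgramFiles% deserves a closer look.
    $roots = @(
        'HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components',
        'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components'
    )
    foreach ($root in $roots) {
        if (-not (Test-Path $root)) { continue }
        foreach ($comp in Get-ChildItem -Path $root) {
            $machine = Get-ItemProperty -Path $comp.PSPath
            if (-not $machine.StubPath) { continue }   # nothing to execute
            $userKey = "HKCU:\SOFTWARE\Microsoft\Active Setup\Installed Components\$($comp.PSChildName)"
            $userVer = (Get-ItemProperty -Path $userKey -ErrorAction SilentlyContinue).Version
            [pscustomobject]@{
                Check         = 'ActiveSetup'
                Key           = $comp.PSChildName
                Command       = $machine.StubPath
                Version       = $machine.Version
                RunsNextLogon = (-not $userVer) -or ($userVer -ne $machine.Version)
            }
        }
    }
}

function Get-RunKeyEntries {
    # Machine-wide and per-user Run/RunOnce keys, including the WOW64 view.
    $keys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
        'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run',
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
    )
    # Get-ItemProperty adds these provider properties to every result; skip them.
    $meta = 'PSPath', 'PSParentPath', 'PSChildName', 'PSDrive', 'PSProvider'
    foreach ($key in $keys) {
        if (-not (Test-Path $key)) { continue }
        $values = Get-ItemProperty -Path $key
        foreach ($prop in $values.PSObject.Properties) {
            if ($prop.Name -in $meta) { continue }
            [pscustomobject]@{ Check = 'RunKey'; Key = $key; Name = $prop.Name; Command = $prop.Value }
        }
    }
}

function Get-MbrSummary {
    # Read sector 0 of the first disk. FileShare::ReadWrite is required because the
    # volume manager already holds the device open.
    $stream = [System.IO.FileStream]::new('\\.\PhysicalDrive0', [System.IO.FileMode]::Open,
        [System.IO.FileAccess]::Read, [System.IO.FileShare]::ReadWrite)
    try {
        $mbr = New-Object byte[] 512
        $null = $stream.Read($mbr, 0, 512)
    } finally {
        $stream.Dispose()
    }
    $sha  = [System.Security.Cryptography.SHA256]::Create()
    $hash = ($sha.ComputeHash($mbr) | ForEach-Object { $_.ToString('x2') }) -join ''
    $match = if ($BaselineMbrSha256) { $hash -eq $BaselineMbrSha256 } else { 'no baseline' }
    [pscustomobject]@{
        Check           = 'MBR'
        BootSignature   = ('{0:X2}{1:X2}' -f $mbr[510], $mbr[511])  # a valid MBR ends in 55AA
        ProtectiveGpt   = ($mbr[0x1BE + 4] -eq 0xEE)                  # GPT disks carry a protective MBR
        Sha256          = $hash
        MatchesBaseline = $match
    }
}

Get-ActiveSetupComponents | Format-Table -AutoSize
Get-RunKeyEntries         | Format-Table -AutoSize
Get-MbrSummary            | Format-List
```

On a GPT-partitioned disk the first sector is only a protective MBR, so a changed hash there still matters (boot code in a protective MBR should be inert), but bootkit persistence on such a system would more likely target the EFI system partition, which this script does not inspect. Compare the Active Setup and Run key output against a clean build of the same image rather than reading it in isolation; legitimate installers populate both locations.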
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (T1547): 2
    Active Setup (T1547.014): 1
    Registry Run Keys / Startup Folder (T1547.001): 1
  Pre-OS Boot (T1542): 1
    Bootkit (T1542.003): 1
Privilege Escalation
  Boot or Logon Autostart Execution (T1547): 2
    Active Setup (T1547.014): 1
    Registry Run Keys / Startup Folder (T1547.001): 1