General
Target: 0a31bf43b4b3bcffa9311ba692515de7_JaffaCakes118
Size: 108KB
Sample: 240624-xb7y9sxblb
MD5: 0a31bf43b4b3bcffa9311ba692515de7
SHA1: cce5d3fb89b8f0ac60e819b47698139d92ffb27a
SHA256: 56fc665d075edf4e324327fb7201b96ab6b6f787f66867f7f7fbce6baabf1637
SHA512: b14ec3ee7b3b7ec21b001a7b5c94a5309ba823f4e9adc0f9f618e0730e3e49aa94d6fb889f8503047e1a5834dad99845b763ac7800bed75bf680eca7ccb7ec75
SSDEEP: 3072:lWCnxG9QL2Se7/ZGDhkWTU4MubTdzJL2c9/D61W6:pxG9p7BGDeWTbvdzB9OB
Static task: static1
Behavioral task: behavioral1
Sample: 0a31bf43b4b3bcffa9311ba692515de7_JaffaCakes118.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 0a31bf43b4b3bcffa9311ba692515de7_JaffaCakes118.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 0a31bf43b4b3bcffa9311ba692515de7_JaffaCakes118
Score: 10/10
Modifies firewall policy service
Adds policy Run key to start application
Sets service image path in registry
Adds Run key to start application
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 3
Registry Run Keys / Startup Folder: 3
Create or Modify System Process: 1
Windows Service: 1
Privilege Escalation
Boot or Logon Autostart Execution: 3
Registry Run Keys / Startup Folder: 3
Create or Modify System Process: 1
Windows Service: 1
Defense Evasion
Impair Defenses: 1
Disable or Modify System Firewall: 1
Modify Registry: 4