General
-
Target
18227289081542b093f5d5999155b6d8_JaffaCakes118
-
Size
1.9MB
-
Sample
240628-awnd2atdpr
-
MD5
18227289081542b093f5d5999155b6d8
-
SHA1
d2296b9c328f430fa4275099ff9c33c74de177d3
-
SHA256
f112a4b5ca763c9491f67620ecda2e18ff2dc037bee897a978dcc608ae4937fc
-
SHA512
6eac87ad2622d4d27207cbce06cb57c2dd15442e17d6255f7ef1a9a380b529b0e3e141de4ab9da42cc60b19b11423d9567bc72a5d05de44d4ac2483a3e437e3a
-
SSDEEP
49152:rF+r3DgHwuzGdZNwO7GGJP6KIKtsvcZMN0YgfZUGOym:rF+TDgHRGdZzGuP6KRsM20ftrm
Malware Config
Targets
-
-
Target
18227289081542b093f5d5999155b6d8_JaffaCakes118
-
Size
1.9MB
-
MD5
18227289081542b093f5d5999155b6d8
-
SHA1
d2296b9c328f430fa4275099ff9c33c74de177d3
-
SHA256
f112a4b5ca763c9491f67620ecda2e18ff2dc037bee897a978dcc608ae4937fc
-
SHA512
6eac87ad2622d4d27207cbce06cb57c2dd15442e17d6255f7ef1a9a380b529b0e3e141de4ab9da42cc60b19b11423d9567bc72a5d05de44d4ac2483a3e437e3a
-
SSDEEP
49152:rF+r3DgHwuzGdZNwO7GGJP6KIKtsvcZMN0YgfZUGOym:rF+TDgHRGdZzGuP6KRsM20ftrm
Score8/10-
Modifies Windows Firewall
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1