General
-
Target
1859d11a1a0d2a906df90f62b0f79b88_JaffaCakes118
-
Size
489KB
-
Sample
240628-b8j3taxdlr
-
MD5
1859d11a1a0d2a906df90f62b0f79b88
-
SHA1
44246c5e94168ef74b03dbe221f3e55611d8197a
-
SHA256
473b39b64c04131bee1ce3d6bf6ce35374a9a98e4252778ae2ba8481046e802c
-
SHA512
60828a17f953f40beab46c2031dde04fd7b3b9ff9aad1e00dc4627c1445a770e9d7a9196800f94e8ba4f0d15550c62e9b6d52c1ea10b6eb7e08acdfc0cb0bba7
-
SSDEEP
12288:+n/gCZq3jSNe+AXNinX4oHuTlcSxEdIbtZ2M9q:+n/gENe+AX0XHuTlckNtZ2M9q
Static task
static1
Behavioral task
behavioral1
Sample
1859d11a1a0d2a906df90f62b0f79b88_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
1859d11a1a0d2a906df90f62b0f79b88_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Target
1859d11a1a0d2a906df90f62b0f79b88_JaffaCakes118
Score 10/10
-
Modifies firewall policy service
-
Adds policy Run key to start application
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (3)
Active Setup (1)
Registry Run Keys / Startup Folder (2)
Create or Modify System Process (1)
Windows Service (1)
Privilege Escalation
Boot or Logon Autostart Execution (3)
Active Setup (1)
Registry Run Keys / Startup Folder (2)
Create or Modify System Process (1)
Windows Service (1)