General
Target: 249ae5c78d7a46ce31064b3667b6a285_JaffaCakes118
Size: 1.6MB
Sample: 240704-ew83ystgpp
MD5: 249ae5c78d7a46ce31064b3667b6a285
SHA1: 95f0c7b09b86206fc71045f1a65b83e2e118183f
SHA256: 12231855a7c86b8c8fdb2363e42da512715e22025205bd428054e142f3e956a0
SHA512: 1173d84d4c814bf69717f614da2cb8b75ec342a63c5f584046ff7585c0d69b89b92d759a99dc3b9afb89d7e3b01e75cfc7a7d3680c6d714f392db4d81c1cb0b6
SSDEEP: 49152:raC4OrsZFuFG1hHZBo/orFZaC1ORQWTJmIOH:raCKZGyhHZEorFZtR5Im
Static task: static1
Behavioral task: behavioral1
Sample: 249ae5c78d7a46ce31064b3667b6a285_JaffaCakes118.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 249ae5c78d7a46ce31064b3667b6a285_JaffaCakes118.exe
Resource: win10v2004-20240611-en
Malware Config
Targets
Target: 249ae5c78d7a46ce31064b3667b6a285_JaffaCakes118
Score: 8/10
Modifies Windows Firewall
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (1)
    Windows Service (1)
  Event Triggered Execution (1)
    Netsh Helper DLL (1)
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (1)
    Windows Service (1)
  Event Triggered Execution (1)
    Netsh Helper DLL (1)