General
Target
28435503f4f2de23e074bf7242504bc9_JaffaCakes118
Size
648KB
Sample
240706-mt5lraygpf
MD5
28435503f4f2de23e074bf7242504bc9
SHA1
f455ccda83972e19eec87edd30e38512fceae549
SHA256
22a22ade4c75a0945250a6bd90ce7b0e91f42c04fa595a6ed0482a763c09b3d8
SHA512
bb94801ce18afdb4f8af059e49426c47a6ed41ffb1f6b89111360fe1158233d6505071b832fd111d826889749eee931ee594ae6badda517950768326a2fc7464
SSDEEP
12288:UsAL/W5L/SZdSCvTF+bDTqXTa7v5ouB1CWrDDU1zFI9vAYkCLdHikTlBfkjP:UsW/WNSZ8CLGETEjrCwDUFMhzLM
Static task
static1
Behavioral task
behavioral1
Sample
28435503f4f2de23e074bf7242504bc9_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
28435503f4f2de23e074bf7242504bc9_JaffaCakes118.exe
Resource
win10v2004-20240704-en
Malware Config
Targets
Target
28435503f4f2de23e074bf7242504bc9_JaffaCakes118
Score
8/10
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
Executes dropped EXE
Modifies system executable filetype association
Adds Run key to start application
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (2)
Active Setup (1)
Registry Run Keys / Startup Folder (1)
Event Triggered Execution (1)
Change Default File Association (1)