General
-
Target
2a54e63f399269374692c00d5ab435e2_JaffaCakes118
-
Size
640KB
-
Sample
240708-aqk2qawbnf
-
MD5
2a54e63f399269374692c00d5ab435e2
-
SHA1
87ee13506dc254d7a8d26d74b1dcbffb57a9fb99
-
SHA256
cc0bdf1e810fb36784bfdeaaeef58b097f43e9bd800d455216a6027effbadba5
-
SHA512
6e46042241d8b9316c5ae428ffd3b4c33a91dacd74ba44aafa392ff9b2e6fa65bade8ec2fa93ccb9a73e927089600d6c0b63117af6cb1a5e3ae06c6e6dd006d9
-
SSDEEP
12288:NtKe6Zv23YdL/W5L/SZdSCvTF+bDTqXTa7v5ouB1CWrDDU1zFWPeFiI5ewiq23F:d6Zv24/WNSZ8CLGETEjrCwDUqDI87qS
Static task
static1
Behavioral task
behavioral1
Sample
2a54e63f399269374692c00d5ab435e2_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
2a54e63f399269374692c00d5ab435e2_JaffaCakes118.exe
Resource
win10v2004-20240704-en
Malware Config
Targets
Target
2a54e63f399269374692c00d5ab435e2_JaffaCakes118
-
Score
8/10
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Executes dropped EXE
-
Modifies system executable filetype association
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (2)
Active Setup (1)
Registry Run Keys / Startup Folder (1)
Event Triggered Execution (1)
Change Default File Association (1)