General
-
Target
2a5b2667b68b7a968d2367304fb59aab_JaffaCakes118
-
Size
29KB
-
Sample
240708-awfn7ateml
-
MD5
2a5b2667b68b7a968d2367304fb59aab
-
SHA1
527d7aef66747821765e285296725e776b0a2280
-
SHA256
1552f8f8146c7c17bfd09aed34120c00968df4063ce2268c14c45740d89e8af0
-
SHA512
ab399425438b10f5411ae117eeffc54b608526e5bdab27a1228aa18f833712af937225d69388dc83db0b30ed714dde73ec199558f09c8eb0493948b435998718
-
SSDEEP
768:ZzAHmSrtOmkUpwiRtSl1CwFLPO9Conn8C:RAHDTpFR4CwLPO9tn8C
Malware Config
Targets
-
-
Target
2a5b2667b68b7a968d2367304fb59aab_JaffaCakes118
-
Size
29KB
-
MD5
2a5b2667b68b7a968d2367304fb59aab
-
SHA1
527d7aef66747821765e285296725e776b0a2280
-
SHA256
1552f8f8146c7c17bfd09aed34120c00968df4063ce2268c14c45740d89e8af0
-
SHA512
ab399425438b10f5411ae117eeffc54b608526e5bdab27a1228aa18f833712af937225d69388dc83db0b30ed714dde73ec199558f09c8eb0493948b435998718
-
SSDEEP
768:ZzAHmSrtOmkUpwiRtSl1CwFLPO9Conn8C:RAHDTpFR4CwLPO9tn8C
Score10/10-
Modifies firewall policy service
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1