General
-
Target
3f807e3734b4e67bfd115dce5e23091f_JaffaCakes118
-
Size
319KB
-
Sample
240713-avtveszfpc
-
MD5
3f807e3734b4e67bfd115dce5e23091f
-
SHA1
04f448f000f4f27b4066c63eb1639148a056899f
-
SHA256
fe59450a561ce21e495966f355d92dbec0f3730068fee0b6ecd81aa52652f4d5
-
SHA512
88f6ad5f8581e097d7ef1eb1e83e2f6083894402629b4ece570848fc15a14315fba1a916ded2a1614abb464c83857ea2ee37561b4ca2cecee18421849d5a4cfe
-
SSDEEP
6144:MRAhhJxX7bNIAROzTuaPUIDVeSceufwQQ1caatxkA5OsMb9MKDfeKt:UsAAPaPUIDVeeufwQoZSxrAsU95X
Malware Config
Targets
-
-
Target
3f807e3734b4e67bfd115dce5e23091f_JaffaCakes118
-
Size
319KB
-
MD5
3f807e3734b4e67bfd115dce5e23091f
-
SHA1
04f448f000f4f27b4066c63eb1639148a056899f
-
SHA256
fe59450a561ce21e495966f355d92dbec0f3730068fee0b6ecd81aa52652f4d5
-
SHA512
88f6ad5f8581e097d7ef1eb1e83e2f6083894402629b4ece570848fc15a14315fba1a916ded2a1614abb464c83857ea2ee37561b4ca2cecee18421849d5a4cfe
-
SSDEEP
6144:MRAhhJxX7bNIAROzTuaPUIDVeSceufwQQ1caatxkA5OsMb9MKDfeKt:UsAAPaPUIDVeeufwQoZSxrAsU95X
Score8/10-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Executes dropped EXE
-
Modifies system executable filetype association
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Active Setup
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Change Default File Association
1