General
-
Target
4c51b7a7e00da3a7f4960273833ff3ef_JaffaCakes118
-
Size
38KB
-
Sample
240716-b9hw5szcjj
-
MD5
4c51b7a7e00da3a7f4960273833ff3ef
-
SHA1
528b85c0b56b37c9eb1a7babe16952d98807ef85
-
SHA256
cccdde3b94a3029bed8639ebafff79e81b348fa99dd641015f9469fc29797b33
-
SHA512
7a94c551a62601993bbf890b51877671cb40453105d6d9c96f2b726bb582ce35dd71447c666093ff818398087f3b970586833f90251c1186aab05026f1ff4d63
-
SSDEEP
768:XW2NNz4acho12F5a7o00PNZcnJZMffGXEKOlgm/2353g5y0R:XW2bz4acho1v0PNeqGUjGs23VC7R
Malware Config
Targets
-
-
Target
4c51b7a7e00da3a7f4960273833ff3ef_JaffaCakes118
-
Size
38KB
-
MD5
4c51b7a7e00da3a7f4960273833ff3ef
-
SHA1
528b85c0b56b37c9eb1a7babe16952d98807ef85
-
SHA256
cccdde3b94a3029bed8639ebafff79e81b348fa99dd641015f9469fc29797b33
-
SHA512
7a94c551a62601993bbf890b51877671cb40453105d6d9c96f2b726bb582ce35dd71447c666093ff818398087f3b970586833f90251c1186aab05026f1ff4d63
-
SSDEEP
768:XW2NNz4acho12F5a7o00PNZcnJZMffGXEKOlgm/2353g5y0R:XW2bz4acho1v0PNeqGUjGs23VC7R
Score8/10-
Drops file in Drivers directory
-
Event Triggered Execution: Image File Execution Options Injection
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Image File Execution Options Injection
1