General
-
Target
4c2c6add63b8a2821df8846db57872de_JaffaCakes118
-
Size
86KB
-
Sample
240716-bednyaxgpj
-
MD5
4c2c6add63b8a2821df8846db57872de
-
SHA1
3f201e33cd372077d341c95e0be7ecb07db21028
-
SHA256
972a450d9e241eac38d52e600769df70c7c488beab34d12dcd1358a439a53ef3
-
SHA512
23dda3f156cbb5a0e062773f95260341d626afb7b9e97cea2de7f39da039d6d03c1a7ef34f115468c42cb6e2bfc850175033f721b7a11621900f8f4f9bae69cc
-
SSDEEP
1536:T7VeKOHVV16peaEznhZqtN2W7ZO/fNWtWYujb3Q4/a26KLasU:lwLUwaEThxWQ/48QMa26KLasU
Static task
static1
Behavioral task
behavioral1
Sample
4c2c6add63b8a2821df8846db57872de_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
4c2c6add63b8a2821df8846db57872de_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
Target
4c2c6add63b8a2821df8846db57872de_JaffaCakes118
Score
8/10
-
Creates new service(s)
-
Server Software Component: Terminal Services DLL
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 2
Windows Service: 2
Server Software Component: 1
Terminal Services DLL: 1