General
-
Target
4d755a531d68bd56e71b403f102a0000_JaffaCakes118
-
Size
265KB
-
Sample
240716-jy3feasdqp
-
MD5
4d755a531d68bd56e71b403f102a0000
-
SHA1
7994b24365949ba2c42b92c909a688995fc38f3f
-
SHA256
183f97941daa9c160a331ba856e136179a98e527938f6d7ad8bbc8c80dfbb2d4
-
SHA512
1ffc41c0ff8281d1c1ccb0b8273b68294eef25916f22c574c13cae1681c1813e8e08502c427502688b81c2663419532ee43a96b9726f6fa2684488d7cd4daaf4
-
SSDEEP
6144:MRAhhJxX7bNIAROzTuft840Vp+4aKGunmYh4iltlB700oIw6:UsAAPF84ap+PKrnVztlh306
Malware Config
Targets
-
-
Target
4d755a531d68bd56e71b403f102a0000_JaffaCakes118
-
Size
265KB
-
MD5
4d755a531d68bd56e71b403f102a0000
-
SHA1
7994b24365949ba2c42b92c909a688995fc38f3f
-
SHA256
183f97941daa9c160a331ba856e136179a98e527938f6d7ad8bbc8c80dfbb2d4
-
SHA512
1ffc41c0ff8281d1c1ccb0b8273b68294eef25916f22c574c13cae1681c1813e8e08502c427502688b81c2663419532ee43a96b9726f6fa2684488d7cd4daaf4
-
SSDEEP
6144:MRAhhJxX7bNIAROzTuft840Vp+4aKGunmYh4iltlB700oIw6:UsAAPF84ap+PKrnVztlh306
Score8/10-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Executes dropped EXE
-
Modifies system executable filetype association
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Active Setup
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Change Default File Association
1