General
-
Target
4dfbbd6e6872023dbc3afe2859baa021_JaffaCakes118
-
Size
6KB
-
Sample
240716-mv3tjs1gkd
-
MD5
4dfbbd6e6872023dbc3afe2859baa021
-
SHA1
29e9fdb0fdff743e1d4616af88f385abe3b9ec65
-
SHA256
f760e5bc04a7d2b7410b28b8b7e2c6d9835a3df0ba512ab2eaff66fe6a7310a6
-
SHA512
e514e0fd5e37176637e938d2633439e60ea3998228a948afb2e9c6879a0b8044454785f7c480ab7f80e5eda2ef71150a038fb77155a7c1b11e3b024235ffa180
-
SSDEEP
192:bF2R2Iss06177bcvo/0ByQqqESUjoBP8UNyon4:bERx17cK0Jq/5iFB4
Malware Config
Targets
-
-
Target
4dfbbd6e6872023dbc3afe2859baa021_JaffaCakes118
-
Size
6KB
-
MD5
4dfbbd6e6872023dbc3afe2859baa021
-
SHA1
29e9fdb0fdff743e1d4616af88f385abe3b9ec65
-
SHA256
f760e5bc04a7d2b7410b28b8b7e2c6d9835a3df0ba512ab2eaff66fe6a7310a6
-
SHA512
e514e0fd5e37176637e938d2633439e60ea3998228a948afb2e9c6879a0b8044454785f7c480ab7f80e5eda2ef71150a038fb77155a7c1b11e3b024235ffa180
-
SSDEEP
192:bF2R2Iss06177bcvo/0ByQqqESUjoBP8UNyon4:bERx17cK0Jq/5iFB4
Score8/10-
Disables Task Manager via registry modification
-
Modifies Windows Firewall
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1