General
-
Target
69ef8c27a922606fef1880bc627c387f_JaffaCakes118
-
Size
385KB
-
Sample
240724-c2kw7stbrn
-
MD5
69ef8c27a922606fef1880bc627c387f
-
SHA1
58c7543fb252bd107e7d42abf5b8fa1aaca51237
-
SHA256
23994e3ed2d44b91c44ae7254b1f2161dda998c062dc7987d41767ec7e1f6764
-
SHA512
8465f9049b46d16e2e7e8a739b91854df1c6805cfac9a4e96672ec30253237dc366da2dcc3cc7e6f1cf59309b6b45efdbedf8ac9b42cc6c6e2b3901e22da212b
-
SSDEEP
6144:8H2de5/nBuyjTX2LxyFC9SFr3Zl3432UrRAq8kYbo5lP:8D/4L05Jl3LUrMfbo
Malware Config
Targets
-
-
Target
69ef8c27a922606fef1880bc627c387f_JaffaCakes118
-
Size
385KB
-
MD5
69ef8c27a922606fef1880bc627c387f
-
SHA1
58c7543fb252bd107e7d42abf5b8fa1aaca51237
-
SHA256
23994e3ed2d44b91c44ae7254b1f2161dda998c062dc7987d41767ec7e1f6764
-
SHA512
8465f9049b46d16e2e7e8a739b91854df1c6805cfac9a4e96672ec30253237dc366da2dcc3cc7e6f1cf59309b6b45efdbedf8ac9b42cc6c6e2b3901e22da212b
-
SSDEEP
6144:8H2de5/nBuyjTX2LxyFC9SFr3Zl3432UrRAq8kYbo5lP:8D/4L05Jl3LUrMfbo
Score10/10-
Modifies firewall policy service
-
Adds policy Run key to start application
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
2Create or Modify System Process
1Windows Service
1Privilege Escalation
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
2Create or Modify System Process
1Windows Service
1