General
-
Target
7475375c47ded7bd2e5d129078ea59ba_JaffaCakes118
-
Size
716KB
-
Sample
240726-rxea7atdnn
-
MD5
7475375c47ded7bd2e5d129078ea59ba
-
SHA1
8094de2dbfb693ed4c59cc59fe7841b8277dc2db
-
SHA256
eb48b212635c3c974e293286a2cc1ad8db6824591c242543e7fa953f4e92a1f2
-
SHA512
f81baea46e53d63d1ddb0f8a73dbbbd4a9e4e80dc3b5024992c0fd266228e5c673bf4fef9b0040b74095c09e923068acb3d9dc38fdb557a18ac00e1ec88475e9
-
SSDEEP
12288:NtKe6Zv23YdqMGHGSX1388BxGVI43GVpinJMcODu5OcQlgv7JZ8fN/UuCPR6yLpA:d6Zv2jbW1SaR7QivMf9APRfLu
Static task
static1
Behavioral task
behavioral1
Sample
7475375c47ded7bd2e5d129078ea59ba_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
7475375c47ded7bd2e5d129078ea59ba_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
Target
7475375c47ded7bd2e5d129078ea59ba_JaffaCakes118
-
Score
8/10
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Executes dropped EXE
-
Modifies system executable filetype association
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (2)
Active Setup (1)
Registry Run Keys / Startup Folder (1)
Event Triggered Execution (1)
Change Default File Association (1)