General
Target: 765be971668d5a96dc1312348b9cba3c_JaffaCakes118
Size: 748KB
Sample: 240727-ap2m3sxfnc
MD5: 765be971668d5a96dc1312348b9cba3c
SHA1: 0aa9fafdeed056c9272723b849650764609e53f4
SHA256: 006bf21ac5576005131b01bfcc8754903b55c0dc1158e96ad06c33cdaca3bd82
SHA512: 9a34fcb90453ed1c06b6763e96962cec79f96b25ddc1c8244d5ddb4a0970c49a5b6f6baab0eba3c8d02c258cf670f0a9835e84d5ce418a4f4caf81b78b652bc8
SSDEEP: 12288:NtKe6Zv23YdqMGHGSX1388BxGVI43d+FPRjw/WDBCVaPO44lk33qsNrNqC2PhJTI:d6Zv2jbW1Wc/WDQZ44a36UACi1I
Static task: static1
Behavioral task: behavioral1
Sample: 765be971668d5a96dc1312348b9cba3c_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 765be971668d5a96dc1312348b9cba3c_JaffaCakes118.exe
Resource: win10v2004-20240709-en
Malware Config
Targets
Score: 8/10
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
Executes dropped EXE
Modifies system executable filetype association
Adds Run key to start application
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 2
Active Setup: 1
Registry Run Keys / Startup Folder: 1
Event Triggered Execution: 1
Change Default File Association: 1