General
-
Target
82c148ae04acf741b05dfd2deb960308_JaffaCakes118
-
Size
405KB
-
Sample
240802-c9pv5a1gml
-
MD5
82c148ae04acf741b05dfd2deb960308
-
SHA1
cc17765f76d058a481cad63899daef32568197f7
-
SHA256
f72cd845dbf14a22923f1ac4af4a48773bb60e5468da9b6b2a85ebd89ae96f70
-
SHA512
ee8b942c0a48717e38dec21080ca963a47ff1757cbf80413cae78c77f4e4ba4f41c52d05f38d54a6694a700909cbc6d3d2b582e9cfd7ca0bd640ef7d330f32ae
-
SSDEEP
12288:6TMZV2tukz7iNGA1wGHNKBYGW7tZXRvl:jqOwGHopW7tZXRvl
Malware Config
Targets
-
-
Target
82c148ae04acf741b05dfd2deb960308_JaffaCakes118
-
Size
405KB
-
MD5
82c148ae04acf741b05dfd2deb960308
-
SHA1
cc17765f76d058a481cad63899daef32568197f7
-
SHA256
f72cd845dbf14a22923f1ac4af4a48773bb60e5468da9b6b2a85ebd89ae96f70
-
SHA512
ee8b942c0a48717e38dec21080ca963a47ff1757cbf80413cae78c77f4e4ba4f41c52d05f38d54a6694a700909cbc6d3d2b582e9cfd7ca0bd640ef7d330f32ae
-
SSDEEP
12288:6TMZV2tukz7iNGA1wGHNKBYGW7tZXRvl:jqOwGHopW7tZXRvl
Score6/10-
Adds Run key to start application
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Browser Extensions
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1