General
-
Target
8a7452d0765cb2631ea85a2133d584e5_JaffaCakes118
-
Size
532KB
-
Sample
240811-p9zfsazhnr
-
MD5
8a7452d0765cb2631ea85a2133d584e5
-
SHA1
3046e7d294bb409346863553df9386eef4a332f9
-
SHA256
ee53595f2e9f60eac651288dc5515f96cda3d6eec9cd710bac904896df8d8a17
-
SHA512
17776d73951c4d37287b6f6924971f331de169a32dc5e5886750eba3a0e9ca6ec3094b2e9dd52dafc5c87c717717a72e9d3f7c31980d961c8a7cc5ea89818592
-
SSDEEP
6144:LvBA78H7sQr4Afbhba52Oj2sIREStom2/iV2FNqxEsOA6sU7:FA7DVAfbOCsIjo6H3e
Behavioral task
behavioral1
Sample
8a7452d0765cb2631ea85a2133d584e5_JaffaCakes118.exe
Resource
win7-20240729-en
Malware Config
Targets
-
-
Target
8a7452d0765cb2631ea85a2133d584e5_JaffaCakes118
-
Score
10/10
-
Modifies firewall policy service
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)
Defense Evasion
Impair Defenses (1)
Disable or Modify System Firewall (1)
Modify Registry (2)