General
-
Target
8d8e12ce826ab74086ad2bade5125f9f_JaffaCakes118
-
Size
352KB
-
Sample
240812-gh63jssdjf
-
MD5
8d8e12ce826ab74086ad2bade5125f9f
-
SHA1
3107e2cdd5a760786bae491f0b764b871e088f46
-
SHA256
5bc26c7693ff37be77434145a8c383da89123f9155a60bd417c7315c8d5fe307
-
SHA512
eb2f637b2482dcad37a5ae81bf81c3be76d1d34c76ba944ea5dff15f5450ff422ac12d792c6a7e96a8e21bb29702590d8b815ce639e557c85de8b04b1c69f525
-
SSDEEP
6144:yahlKL+Ah3FV1bcJzDHfeDnuVbewl5/6G:yElUvt1cRDH2DnuVbewl5SG
Static task
static1
Behavioral task
behavioral1
Sample
8d8e12ce826ab74086ad2bade5125f9f_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
8d8e12ce826ab74086ad2bade5125f9f_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
Target
8d8e12ce826ab74086ad2bade5125f9f_JaffaCakes118
-
Score
10/10
-
Modifies firewall policy service
-
Adds policy Run key to start application
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (3)
  Active Setup (1)
  Registry Run Keys / Startup Folder (2)
Create or Modify System Process (1)
  Windows Service (1)
Privilege Escalation
Boot or Logon Autostart Execution (3)
  Active Setup (1)
  Registry Run Keys / Startup Folder (2)
Create or Modify System Process (1)
  Windows Service (1)