General
-
Target
ae18b885dfcb95b855ff6912430ed482_JaffaCakes118
-
Size
673KB
-
Sample
240820-glw2rawflf
-
MD5
ae18b885dfcb95b855ff6912430ed482
-
SHA1
48c4252791e3ff4f84386c8c9229370ffac64d9c
-
SHA256
e09dc7cd997b79a9e7ed4aabe1a21c39b900915cca55ec83ec75a6a382d2ee95
-
SHA512
4fc4612dca599e72148717042eddc64900a2fc11c8e7103086771bacafd3b946d55788c5dba9da4afb4ef61618b04f9bf90bba4074edfe5db6cc81126fe4c8ce
-
SSDEEP
12288:UsAqMGHGSX1388BxGVILSY4oSewnvFdCHuFX5+5CC5Vpv5TNR+vBT5LTaQ:UsBbWOSY4HewnvFdr5SCWXRI3Lp
Malware Config
Targets
-
-
Target
ae18b885dfcb95b855ff6912430ed482_JaffaCakes118
-
Size
673KB
-
MD5
ae18b885dfcb95b855ff6912430ed482
-
SHA1
48c4252791e3ff4f84386c8c9229370ffac64d9c
-
SHA256
e09dc7cd997b79a9e7ed4aabe1a21c39b900915cca55ec83ec75a6a382d2ee95
-
SHA512
4fc4612dca599e72148717042eddc64900a2fc11c8e7103086771bacafd3b946d55788c5dba9da4afb4ef61618b04f9bf90bba4074edfe5db6cc81126fe4c8ce
-
SSDEEP
12288:UsAqMGHGSX1388BxGVILSY4oSewnvFdCHuFX5+5CC5Vpv5TNR+vBT5LTaQ:UsBbWOSY4HewnvFdr5SCWXRI3Lp
Score8/10-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Executes dropped EXE
-
Modifies system executable filetype association
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Active Setup
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Change Default File Association
1