General
-
Target
b281f765bbfa7e040fad6f008ae8c04c_JaffaCakes118
-
Size
90KB
-
Sample
240821-hrrjwsvelg
-
MD5
b281f765bbfa7e040fad6f008ae8c04c
-
SHA1
e6fb520df901dbff255f50b1e27fd246cb3099fc
-
SHA256
596c19f6b2a98deebcd2d3c77b271aad5146ea5e1e9b41f42021e57e8c5eff39
-
SHA512
d95e43c23e8d4c8fbdff62efd8960ed70a6712319ae801cb88b2e33ab6ee6e02318ae36260fd76bdd1b0e6cd6d36d2ee461b08c19cb61431ff3c70f813cc5273
-
SSDEEP
1536:e82cHaALkTJj65mxF8korCwG4Hl+1Ohr0KMyFlB9Q/v4Lq/swRaZ3PN6XJ+bVtvF:eP/ALkTt65s+bWmuOwKDne4Lq/Po16Xo
Static task
static1
Behavioral task
behavioral1
Sample
b281f765bbfa7e040fad6f008ae8c04c_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
b281f765bbfa7e040fad6f008ae8c04c_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
Target
b281f765bbfa7e040fad6f008ae8c04c_JaffaCakes118
-
Score
10/10
-
Modifies firewall policy service
-
Drops file in Drivers directory
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)