General
Target: bd59e9918e28577232273a9a9eef3008_JaffaCakes118
Size: 319KB
Sample: 240823-124w3ssalr
MD5: bd59e9918e28577232273a9a9eef3008
SHA1: 0016ffd00a8bec75f78ad0cc139f4621bb06e27a
SHA256: cf9ef3470b5180edb6ae7ed8d8ed78aa7fa56cb93ae13b49fb8030cbe050695d
SHA512: 682955574864844c4e114d8622b4266babc04d24fa48f7e3191c534e54054fbc0b0a2da87ba18b30535110f7b7ce85a9afcea03e844c6f991919e8845ba4fe5d
SSDEEP: 6144:MRAhhJxX7bNIAROzTuaGz/5Eotrzp9Q9abcOOZoSCUYTgDcXODlIu:UsAAPaG5rzjQ9ab8dhYMlDlH
Static task
static1
Behavioral task
behavioral1
Sample
bd59e9918e28577232273a9a9eef3008_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
bd59e9918e28577232273a9a9eef3008_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
bd59e9918e28577232273a9a9eef3008_JaffaCakes118
Score: 8/10
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
Executes dropped EXE
Modifies system executable filetype association
Adds Run key to start application
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 2
Active Setup: 1
Registry Run Keys / Startup Folder: 1
Event Triggered Execution: 1
Change Default File Association: 1