General
-
Target
b9a5574b66199c878df98f95c6f4152b_JaffaCakes118
-
Size
441KB
-
Sample
240823-apj32awald
-
MD5
b9a5574b66199c878df98f95c6f4152b
-
SHA1
d208fd57a1c1da6a3328b0ac71b7657ca04bd95e
-
SHA256
822340e482de15d692ee90aae105707d9abc24e8becac3bdc88d09e105913227
-
SHA512
2d73f4a62e0a957ac6e0bffe139f5b21f7a694ed8f11fd04370b84c6374d8f23354345a3a6b14d33a27b8c6f04843eaeb98c35cfdf5c1f6481e9c1c3f7bfa43e
-
SSDEEP
6144:R+os7Qwgw7Z9ca4xyn4Z8hjcUuYiAluTZEbDjPaoJe6rMSAesBmk9Z:R+os/Bq/8hjcdVGPbk6r3AeUX
Malware Config
Targets
-
-
Target
b9a5574b66199c878df98f95c6f4152b_JaffaCakes118
-
Size
441KB
-
MD5
b9a5574b66199c878df98f95c6f4152b
-
SHA1
d208fd57a1c1da6a3328b0ac71b7657ca04bd95e
-
SHA256
822340e482de15d692ee90aae105707d9abc24e8becac3bdc88d09e105913227
-
SHA512
2d73f4a62e0a957ac6e0bffe139f5b21f7a694ed8f11fd04370b84c6374d8f23354345a3a6b14d33a27b8c6f04843eaeb98c35cfdf5c1f6481e9c1c3f7bfa43e
-
SSDEEP
6144:R+os7Qwgw7Z9ca4xyn4Z8hjcUuYiAluTZEbDjPaoJe6rMSAesBmk9Z:R+os/Bq/8hjcdVGPbk6r3AeUX
Score8/10-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Active Setup
1Registry Run Keys / Startup Folder
1Privilege Escalation
Boot or Logon Autostart Execution
2Active Setup
1Registry Run Keys / Startup Folder
1