General
-
Target
b9bd2307997676d402d93874629a4468_JaffaCakes118
-
Size
640KB
-
Sample
240823-basmaszamm
-
MD5
b9bd2307997676d402d93874629a4468
-
SHA1
a787d4aa7795a01f02c8cbf1167c52f801a4155b
-
SHA256
69e7ff4781761ce4713c6fb86246dac868ef2d96d6a60cbba41dc1085d919cf9
-
SHA512
596479b0d9c52ac3af3f35fb1cdc68a5b22192f28481be7115c8ca55d10478e0e27a1fe792640304db3d3c2e81b4be4bf90330d9362a2665f0172cd36ea2dc1d
-
SSDEEP
12288:MGwmD7Q0et9sakUNPO2YBp3Cz1RGyXfOqv9auzS+ddJ1ct/7lP+zdanCoPfjOK77:M0D7BI0zqrdMj/ndJfth
Malware Config
Targets
-
-
Target
b9bd2307997676d402d93874629a4468_JaffaCakes118
-
Size
640KB
-
MD5
b9bd2307997676d402d93874629a4468
-
SHA1
a787d4aa7795a01f02c8cbf1167c52f801a4155b
-
SHA256
69e7ff4781761ce4713c6fb86246dac868ef2d96d6a60cbba41dc1085d919cf9
-
SHA512
596479b0d9c52ac3af3f35fb1cdc68a5b22192f28481be7115c8ca55d10478e0e27a1fe792640304db3d3c2e81b4be4bf90330d9362a2665f0172cd36ea2dc1d
-
SSDEEP
12288:MGwmD7Q0et9sakUNPO2YBp3Cz1RGyXfOqv9auzS+ddJ1ct/7lP+zdanCoPfjOK77:M0D7BI0zqrdMj/ndJfth
Score10/10-
Modifies firewall policy service
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1