General
-
Target
bc27b2a0eadea556f1ece9fcd1fe0e84_JaffaCakes118
-
Size
652KB
-
Sample
240823-r2atkazepb
-
MD5
bc27b2a0eadea556f1ece9fcd1fe0e84
-
SHA1
de52caf05c03f4457e303be2d6b9e5fcbb3feacf
-
SHA256
175121d42f14bd5b032c67e513bab060ff2010adc9372ae49b23b6bafc2ebedd
-
SHA512
cbdb878ba7be95d555418eedda29ab5f82dea559c1e3bf0657abbdc5d93a0c0ccca6ba14330061f90cd233bd3915f292fa7e276feb289a00186c140496f73093
-
SSDEEP
12288:UsAqMGHGSX1388BxGVILSY4oSe8lUzXvJlzosZbain+1rx7G6obHtUDDaEk:UsBbWOSY4He8KXxxN+i+N6LtUDLk
Malware Config
Targets
-
-
Target
bc27b2a0eadea556f1ece9fcd1fe0e84_JaffaCakes118
-
Size
652KB
-
MD5
bc27b2a0eadea556f1ece9fcd1fe0e84
-
SHA1
de52caf05c03f4457e303be2d6b9e5fcbb3feacf
-
SHA256
175121d42f14bd5b032c67e513bab060ff2010adc9372ae49b23b6bafc2ebedd
-
SHA512
cbdb878ba7be95d555418eedda29ab5f82dea559c1e3bf0657abbdc5d93a0c0ccca6ba14330061f90cd233bd3915f292fa7e276feb289a00186c140496f73093
-
SSDEEP
12288:UsAqMGHGSX1388BxGVILSY4oSe8lUzXvJlzosZbain+1rx7G6obHtUDDaEk:UsBbWOSY4He8KXxxN+i+N6LtUDLk
Score8/10-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Executes dropped EXE
-
Modifies system executable filetype association
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Active Setup
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Change Default File Association
1