General
-
Target
be93b30011b5604b6d2e77d95acad25b_JaffaCakes118
-
Size
332KB
-
Sample
240824-ph86xa1frl
-
MD5
be93b30011b5604b6d2e77d95acad25b
-
SHA1
3c7692b70e1449ef4b0b8d0b6ad14bc838114301
-
SHA256
3e23fcd434d05af6b9ec3cd2382430c0ef8bd6cff67000b43dcc4110daed4039
-
SHA512
0be58f66bfa366c44a20fe1615fbc423487dd08595cd0176171b30c5a6bb45fb53de2349fc94c687ccce38fbb44abb34fb4a958b331f86e7f3455474fdba7ed5
-
SSDEEP
6144:pFNVIkU3Sx7YjyHq7KzjMIgSLYxlmJ3YtbVtwdSJ53S6AbofVo89T:pJIL3Kjr5gSOy3YZC6Bo
Static task
static1
Behavioral task
behavioral1
Sample
be93b30011b5604b6d2e77d95acad25b_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
be93b30011b5604b6d2e77d95acad25b_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
be93b30011b5604b6d2e77d95acad25b_JaffaCakes118
-
Score
8/10
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Disables taskbar notifications via registry modification
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (2)
Active Setup (1)
Registry Run Keys / Startup Folder (1)
Event Triggered Execution (1)
Change Default File Association (1)
Privilege Escalation
Boot or Logon Autostart Execution (2)
Active Setup (1)
Registry Run Keys / Startup Folder (1)
Event Triggered Execution (1)
Change Default File Association (1)