General
Target: c02117ba26a5a6939e8d52277cba03a0_JaffaCakes118
Size: 655KB
Sample: 240825-g2hjas1bml
MD5: c02117ba26a5a6939e8d52277cba03a0
SHA1: 6d18f05992c5ede3f7b28c70f7a5b182f4346f0d
SHA256: bf31563b962c8d66d4ca8a8740ac13c9a42016434f4f4de10b54cac7d1aeae52
SHA512: d8ea2185af8a039644f7e080aa58993ea39060bc63052781f932739abd3a0428cb8d9c4b66a2b06606a34037ea2d5eea5705d670e959fc4ea804b8467e38d7a5
SSDEEP: 12288:eGi3UjPsczGwh+dHN6qSr5xxSIb5zxlNPP3zyp5Zb3e5nfQXZfX8zyY5TDZ+Wk:eGxzzFsdyhSozLZD45pOGXZP8WYFZy
Static task: static1
Behavioral task: behavioral1
Sample: c02117ba26a5a6939e8d52277cba03a0_JaffaCakes118.dll
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: c02117ba26a5a6939e8d52277cba03a0_JaffaCakes118.dll
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: c02117ba26a5a6939e8d52277cba03a0_JaffaCakes118
Score: 6/10
Adds Run key to start application
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Browser Extensions (1)
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)