General
-
Target
c8551819944aa0b42b404e8a57696f99_JaffaCakes118
-
Size
361KB
-
Sample
240829-gqnwyaxamb
-
MD5
c8551819944aa0b42b404e8a57696f99
-
SHA1
991636fbefc638a505a2bc408a5417b02e6b1886
-
SHA256
881b6cfac026b21fb16d440f2239ccc8200c81c756ebcf334ba6f4b325f019a2
-
SHA512
7b84e9a2495f0a9e4dc7845b080d7e3f3685884b801fe39c62f4862ba8954b79a14c3e015ce17b21f9f6f5a63f7f1d86530b35eee57bea12d1907aef0e12906e
-
SSDEEP
6144:nqhMPkbj8olritKpGmgXIaik9gvrmQGfMcIZnpYAHIe+cg/fp:uEKGLXIJkwrmrrIZpYAHnk
Malware Config
Targets
-
-
Target
c8551819944aa0b42b404e8a57696f99_JaffaCakes118
-
Size
361KB
-
MD5
c8551819944aa0b42b404e8a57696f99
-
SHA1
991636fbefc638a505a2bc408a5417b02e6b1886
-
SHA256
881b6cfac026b21fb16d440f2239ccc8200c81c756ebcf334ba6f4b325f019a2
-
SHA512
7b84e9a2495f0a9e4dc7845b080d7e3f3685884b801fe39c62f4862ba8954b79a14c3e015ce17b21f9f6f5a63f7f1d86530b35eee57bea12d1907aef0e12906e
-
SSDEEP
6144:nqhMPkbj8olritKpGmgXIaik9gvrmQGfMcIZnpYAHIe+cg/fp:uEKGLXIJkwrmrrIZpYAHnk
Score10/10-
Modifies visibility of file extensions in Explorer
-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Change Default File Association
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Change Default File Association
1Defense Evasion
Hide Artifacts
2Hidden Files and Directories
2Modify Registry
4