General
-
Target
d41fc4cbfff49a6d6a51c381a15b42cd_JaffaCakes118
-
Size
477KB
-
Sample
240908-l851dszgmm
-
MD5
d41fc4cbfff49a6d6a51c381a15b42cd
-
SHA1
494a128a76f8f0ef0f37741cc2ae76180b209b59
-
SHA256
31e281edc87adcaf9ae3bfb6d435dfe95653878302df0ef25afbe39350846548
-
SHA512
1afd48921f7c4199757e751b8ff82b650cb74073bc3d8cef4368d57c199e504e06c0b0635fc926ccaa23602a26f66a112aa29c508ac8fb9dde2193cc62e39520
-
SSDEEP
6144:S9YBClEpBxT+MMn2daCowfs9SgfTJwdh3ysF+2GkN27/DKYxlFsQftz2J4nVKKZo:DNVSnjCFfEyBkDykKYxTtA4n0so
Static task
static1
Behavioral task
behavioral1
Sample
d41fc4cbfff49a6d6a51c381a15b42cd_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
d41fc4cbfff49a6d6a51c381a15b42cd_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
Target
d41fc4cbfff49a6d6a51c381a15b42cd_JaffaCakes118
-
Score
8/10
-
Adds policy Run key to start application
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Molebox Virtualization software
Detects file using Molebox Virtualization software.
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (3)
Active Setup (1)
Registry Run Keys / Startup Folder (2)
Privilege Escalation
Boot or Logon Autostart Execution (3)
Active Setup (1)
Registry Run Keys / Startup Folder (2)