General
-
Target
d4603ce948161cfce169dd8caa0446a5_JaffaCakes118
-
Size
936KB
-
Sample
240908-ptc8lswepn
-
MD5
d4603ce948161cfce169dd8caa0446a5
-
SHA1
686772e027a78ebd4d65afbc517cc600111854b7
-
SHA256
e318e87cee5e460f14febd5e987a2a7c75fa7b51d04dfa4e58a6eb9909888d10
-
SHA512
e55684b74132938b6c012a6ee5eb1fcd1a8e3373c9f4746ae96dbd3499a9ec5b55f2545ce04f33fa33c6352c00e260b1733c292e42444e64a9f89e711a58a562
-
SSDEEP
12288:khU2efsgcPiGSn8GUsluUGsQnoPWEwth3MBav+4Ag2zo/VFbgxi9ZZrEm3aKiy6m:kSrAPX3dDgJv3EX6L
Malware Config
Targets
-
-
Target
d4603ce948161cfce169dd8caa0446a5_JaffaCakes118
-
Size
936KB
-
MD5
d4603ce948161cfce169dd8caa0446a5
-
SHA1
686772e027a78ebd4d65afbc517cc600111854b7
-
SHA256
e318e87cee5e460f14febd5e987a2a7c75fa7b51d04dfa4e58a6eb9909888d10
-
SHA512
e55684b74132938b6c012a6ee5eb1fcd1a8e3373c9f4746ae96dbd3499a9ec5b55f2545ce04f33fa33c6352c00e260b1733c292e42444e64a9f89e711a58a562
-
SSDEEP
12288:khU2efsgcPiGSn8GUsluUGsQnoPWEwth3MBav+4Ag2zo/VFbgxi9ZZrEm3aKiy6m:kSrAPX3dDgJv3EX6L
Score10/10-
Modifies firewall policy service
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1