General
Target: d6fa32371ec0d8523a934611cbbf9ca3_JaffaCakes118
Size: 1.9MB
Sample: 240909-ydw58aybpe
MD5: d6fa32371ec0d8523a934611cbbf9ca3
SHA1: 8191c405f89102604ccefb243ce26c4baa2442de
SHA256: d9ee6f0f4d1d0548dccee0041aed40d2adc00661f3478e05f08f2148aa6fa213
SHA512: 8a6780822ac5c6ce855e8f426d98d8ae4ee1533ea8e2d2a7ace9ebfb3b1f5d3a5932327eb5fe361bca1b446b52cd1803516d717ce69d20e80f5b64ab59c924c0
SSDEEP: 49152:rF+dlDgHwuzGdZNwO7GiM59kYV7tQnXLMf0yd6GLJ/yQgYsWjrad:rF+3DgHRGdZzGi09dmhpk/jgY4
Static task: static1
Behavioral task: behavioral1
  Sample: d6fa32371ec0d8523a934611cbbf9ca3_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: d6fa32371ec0d8523a934611cbbf9ca3_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
Malware Config
Targets
Target: d6fa32371ec0d8523a934611cbbf9ca3_JaffaCakes118
- Modifies Windows Firewall
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (1)
    Windows Service (1)
  Event Triggered Execution (1)
    Netsh Helper DLL (1)
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (1)
    Windows Service (1)
  Event Triggered Execution (1)
    Netsh Helper DLL (1)
Defense Evasion
  Impair Defenses (1)
    Disable or Modify System Firewall (1)
  Modify Registry (2)