General
-
Target
eeb01fa0743d3b3a4349e1fb2a498acc_JaffaCakes118
-
Size
364KB
-
Sample
240920-3z38wavgme
-
MD5
eeb01fa0743d3b3a4349e1fb2a498acc
-
SHA1
2ff4536446d7d4b8c973b3d28b612217c3099538
-
SHA256
56e55b9bfeb685b21f6b50ec887a9f5892f4eb447defb85efc7ca4380549200e
-
SHA512
b79869caa921420d4f28200ab43e64f3dab85cd360ce8cb1aa3a6bfa637959ff88de420185280e58643f9236bcaa6c6829e34c570fc7816512a903aca0e55a1a
-
SSDEEP
6144:3Xc2XtsXWX7DEXs1yq/c1SWOXVGQSmPWwNWcCuqZXzXgTi13lLFNSFAhaQ5q:c2XtsXWXfu1yF3S5ZXzXgT0V8E
Static task
static1
Behavioral task
behavioral1
Sample
eeb01fa0743d3b3a4349e1fb2a498acc_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
eeb01fa0743d3b3a4349e1fb2a498acc_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
eeb01fa0743d3b3a4349e1fb2a498acc_JaffaCakes118
-
Score
10/10
-
Modifies firewall policy service
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)