General
-
Target
ed43034c912ea126f4a6279274434e49_JaffaCakes118
-
Size
90KB
-
Sample
240920-k1b7nsyfpl
-
MD5
ed43034c912ea126f4a6279274434e49
-
SHA1
d2bfd3f7611cdbb58bc0401ac9d85edb53480b5d
-
SHA256
88c5cc99d3800d4892b505ac6dc18991f904fc10c279ad1dc113905cf6f844a9
-
SHA512
65a5b68bf1df1547082f90c6140734f4deb7f70c3960c045a4004d79b9ee1467cd6e412963a9fdae6f70eec51449ae92b8fe66a16559ccaf8ee9ddc53ecad168
-
SSDEEP
1536:d0oCSi5lW1lYiYUknnx6NDgw/Va0pGKSpPlmbhWtnoPJhEdRN:dJCmXYhUknnx6NDlBpGHfmbUtnoBhEjN
Malware Config
Targets
-
-
Target
ed43034c912ea126f4a6279274434e49_JaffaCakes118
-
Size
90KB
-
MD5
ed43034c912ea126f4a6279274434e49
-
SHA1
d2bfd3f7611cdbb58bc0401ac9d85edb53480b5d
-
SHA256
88c5cc99d3800d4892b505ac6dc18991f904fc10c279ad1dc113905cf6f844a9
-
SHA512
65a5b68bf1df1547082f90c6140734f4deb7f70c3960c045a4004d79b9ee1467cd6e412963a9fdae6f70eec51449ae92b8fe66a16559ccaf8ee9ddc53ecad168
-
SSDEEP
1536:d0oCSi5lW1lYiYUknnx6NDgw/Va0pGKSpPlmbhWtnoPJhEdRN:dJCmXYhUknnx6NDlBpGHfmbUtnoBhEjN
Score10/10-
Modifies firewall policy service
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1