General
-
Target
eec6cb93dfd30ffacb39eaa1fa18fa14_JaffaCakes118
-
Size
579KB
-
Sample
240921-beew1axfng
-
MD5
eec6cb93dfd30ffacb39eaa1fa18fa14
-
SHA1
01ea1384577a2c89e26ff7b240f30486bb22d323
-
SHA256
3cd3f84f0eff128eef8a4296e429c128632f42e23dc61964a7a3d9f3146cadde
-
SHA512
39e2b32d50b59b95a3d2b8e29ee5fadfe2d06b3c82d1ab088a434f780fd634ebe2803d02e3085693aaf80287fab73f2d7c1908347f96cec0c08edc32f0b121a9
-
SSDEEP
12288:RW2Ej2Pqnr2tavzhxLhFLtrfnuJr05c6kb:RdEjOqn0avhFLtjsrX
Malware Config
Targets
-
-
Target
eec6cb93dfd30ffacb39eaa1fa18fa14_JaffaCakes118
-
Size
579KB
-
MD5
eec6cb93dfd30ffacb39eaa1fa18fa14
-
SHA1
01ea1384577a2c89e26ff7b240f30486bb22d323
-
SHA256
3cd3f84f0eff128eef8a4296e429c128632f42e23dc61964a7a3d9f3146cadde
-
SHA512
39e2b32d50b59b95a3d2b8e29ee5fadfe2d06b3c82d1ab088a434f780fd634ebe2803d02e3085693aaf80287fab73f2d7c1908347f96cec0c08edc32f0b121a9
-
SSDEEP
12288:RW2Ej2Pqnr2tavzhxLhFLtrfnuJr05c6kb:RdEjOqn0avhFLtjsrX
Score10/10-
Modifies firewall policy service
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1