General
-
Target
fb36776ead5f32d8586a0ba921573cd3_JaffaCakes118
-
Size
3.3MB
-
Sample
240928-bchj4s1cpc
-
MD5
fb36776ead5f32d8586a0ba921573cd3
-
SHA1
7f68cf66e1102d807f65e7f1c741e4f0d173f6df
-
SHA256
8ede85f8eea30074c49b13a63c19a00963beab8e53b4ae088ce3616191ac144c
-
SHA512
e5396a38718f058d23f5057285bbaaea73195ba761e5fa24e613ad4937d52978da003a522a098916f6bc9b2d5218fcda9f8397c68296b68a7dd3eb7b578c8e56
-
SSDEEP
6144:C4q5QGOG+DoUpB9CD+1XViNPBwyp4kIonifdnpdaEM6:C4zDoUpBnXVYPZp4kt4neH6
Malware Config
Targets
-
-
Target
fb36776ead5f32d8586a0ba921573cd3_JaffaCakes118
-
Size
3.3MB
-
MD5
fb36776ead5f32d8586a0ba921573cd3
-
SHA1
7f68cf66e1102d807f65e7f1c741e4f0d173f6df
-
SHA256
8ede85f8eea30074c49b13a63c19a00963beab8e53b4ae088ce3616191ac144c
-
SHA512
e5396a38718f058d23f5057285bbaaea73195ba761e5fa24e613ad4937d52978da003a522a098916f6bc9b2d5218fcda9f8397c68296b68a7dd3eb7b578c8e56
-
SSDEEP
6144:C4q5QGOG+DoUpB9CD+1XViNPBwyp4kIonifdnpdaEM6:C4zDoUpBnXVYPZp4kt4neH6
Score10/10-
Modifies firewall policy service
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Active Setup
1Create or Modify System Process
1Windows Service
1Privilege Escalation
Boot or Logon Autostart Execution
1Active Setup
1Create or Modify System Process
1Windows Service
1