General
-
Target
fe06368526d05abeb6eb9ee17843fd5b_JaffaCakes118
-
Size
351KB
-
Sample
240929-hym52sxamc
-
MD5
fe06368526d05abeb6eb9ee17843fd5b
-
SHA1
849372b0526fad7f5edaeb5161a79189cfc71b24
-
SHA256
260199f4797f81f89d770496f17b583d8d37b435b6b69b8426dd96439565c0a1
-
SHA512
b3e9751f795c0c78c830636ccbb384b92e7572af382eade632a67fbbebcc8c6f2c7acb2a361cb4ba60d80c77f234dceb816edf590bcd979323d399ac78b6eacc
-
SSDEEP
6144:NtKe6YiDdv3m3mgKHIl7bNIAROzTbdaOUdSeLTyl5e15YYZVPAtTyg6uaOoU:NtKe6Zv23YdAMHUgbl5sTZVYRygkOoU
Malware Config
Targets
-
-
Target
fe06368526d05abeb6eb9ee17843fd5b_JaffaCakes118
-
Size
351KB
-
MD5
fe06368526d05abeb6eb9ee17843fd5b
-
SHA1
849372b0526fad7f5edaeb5161a79189cfc71b24
-
SHA256
260199f4797f81f89d770496f17b583d8d37b435b6b69b8426dd96439565c0a1
-
SHA512
b3e9751f795c0c78c830636ccbb384b92e7572af382eade632a67fbbebcc8c6f2c7acb2a361cb4ba60d80c77f234dceb816edf590bcd979323d399ac78b6eacc
-
SSDEEP
6144:NtKe6YiDdv3m3mgKHIl7bNIAROzTbdaOUdSeLTyl5e15YYZVPAtTyg6uaOoU:NtKe6Zv23YdAMHUgbl5sTZVYRygkOoU
Score8/10-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Executes dropped EXE
-
Modifies system executable filetype association
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Active Setup
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Change Default File Association
1