General
-
Target
0f207f6cbc6907d2a5a8c9ef1adb39b5_JaffaCakes118
-
Size
15KB
-
Sample
241003-rqggzataqe
-
MD5
0f207f6cbc6907d2a5a8c9ef1adb39b5
-
SHA1
631191a0c09ee7343221732b90c5af95f17c1234
-
SHA256
05c3d84cdd095ffb72f5cd082c0e68dc1d01634ec93e04a18abfd3c25d090773
-
SHA512
dd59ffc0855bb3918930f6b3f803dc4b89d6be26eb6fc1f9972e0fbf4a775f5eaac84a348220f67a87c4c825fb1a241a187772909d86533a144c851175ea4cca
-
SSDEEP
192:CfshVzmevSiIlvw9pFcdR7jWxpknK/IXf0C1f346u0MvmmKVFukPyNExN4OqY4C:CdzVlvyPMdjgpiXXl3i0Mve3AqqY
Malware Config
Targets
-
-
Target
0f207f6cbc6907d2a5a8c9ef1adb39b5_JaffaCakes118
-
Size
15KB
-
MD5
0f207f6cbc6907d2a5a8c9ef1adb39b5
-
SHA1
631191a0c09ee7343221732b90c5af95f17c1234
-
SHA256
05c3d84cdd095ffb72f5cd082c0e68dc1d01634ec93e04a18abfd3c25d090773
-
SHA512
dd59ffc0855bb3918930f6b3f803dc4b89d6be26eb6fc1f9972e0fbf4a775f5eaac84a348220f67a87c4c825fb1a241a187772909d86533a144c851175ea4cca
-
SSDEEP
192:CfshVzmevSiIlvw9pFcdR7jWxpknK/IXf0C1f346u0MvmmKVFukPyNExN4OqY4C:CdzVlvyPMdjgpiXXl3i0Mve3AqqY
Score8/10-
Disables Task Manager via registry modification
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1