General
-
Target
55ecb39bad80bfc05519dbe4e1e7764c_JaffaCakes118
-
Size
7KB
-
Sample
241018-g34g6asanc
-
MD5
55ecb39bad80bfc05519dbe4e1e7764c
-
SHA1
1df9e8db0c9e3f0dfdc1499f73f3391ca723c7ed
-
SHA256
d9e961f74c3d2ae66344c4a39e684478010db7e6aa379947aa67963d10482134
-
SHA512
cd15313b414ca6d432a9b051ac501ba91d2cb0980e2e6b86f9ee283b1e9cda981664ea75691da750779fe2e9d3b85786dcc5195f750d7774f534d3691f31c820
-
SSDEEP
192:BWlFil18P+uIPCNpujDeU2x/RJQf5l/DudSBSN4AsvI:BWI18iB2tlRJ4C084AH
Malware Config
Targets
-
-
Target
55ecb39bad80bfc05519dbe4e1e7764c_JaffaCakes118
-
Size
7KB
-
MD5
55ecb39bad80bfc05519dbe4e1e7764c
-
SHA1
1df9e8db0c9e3f0dfdc1499f73f3391ca723c7ed
-
SHA256
d9e961f74c3d2ae66344c4a39e684478010db7e6aa379947aa67963d10482134
-
SHA512
cd15313b414ca6d432a9b051ac501ba91d2cb0980e2e6b86f9ee283b1e9cda981664ea75691da750779fe2e9d3b85786dcc5195f750d7774f534d3691f31c820
-
SSDEEP
192:BWlFil18P+uIPCNpujDeU2x/RJQf5l/DudSBSN4AsvI:BWI18iB2tlRJ4C084AH
Score8/10-
Disables Task Manager via registry modification
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Drops file in System32 directory
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1