General
-
Target
JaffaCakes118_ae6ed60f5ecff8e6777e77e576f91006
-
Size
336KB
-
Sample
250206-xn8rbsvrck
-
MD5
ae6ed60f5ecff8e6777e77e576f91006
-
SHA1
1123d66cbbc946a3aba7f3965c6e716d29f4586e
-
SHA256
a5735d1f26028af685067c9b6800e09c2c8ade54284b60585e0ade3ce0891b5f
-
SHA512
815bec1ff1917d502e15db13d5fe53b7800b6fe85317943584e731dbc23382206d56bc8550150a32cbf79031030411722ebbd368d4f6fee309dadccada2dfc57
-
SSDEEP
6144:FG78LjzOANvSAsQLqF9pXMiY3sGB6UduRfLtc+:07kmAN6omFMb3sGB6UduRfLa+
Behavioral task
behavioral1
Sample
JaffaCakes118_ae6ed60f5ecff8e6777e77e576f91006.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
JaffaCakes118_ae6ed60f5ecff8e6777e77e576f91006.exe
Resource
win10v2004-20250129-en
Malware Config
Targets
-
Target
JaffaCakes118_ae6ed60f5ecff8e6777e77e576f91006
-
Score
10/10
-
Modifies firewall policy service
-
Adds policy Run key to start application
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (3)
Active Setup (1)
Registry Run Keys / Startup Folder (2)
Create or Modify System Process (1)
Windows Service (1)
Privilege Escalation
Boot or Logon Autostart Execution (3)
Active Setup (1)
Registry Run Keys / Startup Folder (2)
Create or Modify System Process (1)
Windows Service (1)