General
-
Target
JaffaCakes118_e87b16fc62f17a53eaa9c8700b01cf35
-
Size
340KB
-
Sample
250211-vmn97atmak
-
MD5
e87b16fc62f17a53eaa9c8700b01cf35
-
SHA1
929cea9785c846da2e771b558b1eff514e3fd308
-
SHA256
4355ee225a00835e561c2dab2202d393e34f187c83f6a920023da8a3bf11ea26
-
SHA512
aa505da60a4a6e0393e84ba0fde51fbf741d5cfff872a975141f37ae144289e1cab1d2187c669485361899bd49a539c54590455424722ff39524fe78059366fd
-
SSDEEP
6144:OG78LjzOANvSAsQLqF9pXMiY3sGB6UduRfLtck:Z7kmAN6omFMb3sGB6UduRfLak
Behavioral task
behavioral1
Sample
JaffaCakes118_e87b16fc62f17a53eaa9c8700b01cf35.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
JaffaCakes118_e87b16fc62f17a53eaa9c8700b01cf35.exe
Resource
win10v2004-20250207-en
Malware Config
Targets
-
Target
JaffaCakes118_e87b16fc62f17a53eaa9c8700b01cf35
-
Score
10/10
-
Modifies firewall policy service
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Downloads MZ/PE file
-
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Active Setup (1)
  Create or Modify System Process (1)
    Windows Service (1)
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Active Setup (1)
  Create or Modify System Process (1)
    Windows Service (1)
Defense Evasion
  Impair Defenses (1)
    Disable or Modify System Firewall (1)
  Modify Registry (3)