General
-
Target
JaffaCakes118_8a0cdb65a88974b6aa173767baf35a24
-
Size
24KB
-
Sample
250327-zxx3aszps8
-
MD5
8a0cdb65a88974b6aa173767baf35a24
-
SHA1
830da8b8f28d00d55d1b4a6e477609bcda8a4564
-
SHA256
c91dd3168d8865c5b01e8556d6d8f49cfba14cdac24a3482a47b4eeed127e9b2
-
SHA512
c092fa0ef7a1dcd106c80c717693c0c601a4e4525f2251b05d05686547109b4b72f525b4914cb80f9836230d718567ee40be5834f972e1be6d7d176b71635d78
-
SSDEEP
384:H6Lz0OyPaGPbG8FecNrgzbUFPlfRNefMfNq8UFsKWRzpeancfKykJIyfgS9/V+iV:H6Lo1RPbPFHRgzwFPlf/efMTiI8q
Malware Config
Targets
-
-
Target
JaffaCakes118_8a0cdb65a88974b6aa173767baf35a24
-
Size
24KB
-
MD5
8a0cdb65a88974b6aa173767baf35a24
-
SHA1
830da8b8f28d00d55d1b4a6e477609bcda8a4564
-
SHA256
c91dd3168d8865c5b01e8556d6d8f49cfba14cdac24a3482a47b4eeed127e9b2
-
SHA512
c092fa0ef7a1dcd106c80c717693c0c601a4e4525f2251b05d05686547109b4b72f525b4914cb80f9836230d718567ee40be5834f972e1be6d7d176b71635d78
-
SSDEEP
384:H6Lz0OyPaGPbG8FecNrgzbUFPlfRNefMfNq8UFsKWRzpeancfKykJIyfgS9/V+iV:H6Lo1RPbPFHRgzwFPlf/efMTiI8q
Score10/10-
Gink
-
Gink family
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Executes dropped EXE
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Active Setup
1Registry Run Keys / Startup Folder
1Privilege Escalation
Boot or Logon Autostart Execution
2Active Setup
1Registry Run Keys / Startup Folder
1