General
-
Target
JaffaCakes118_8ad173787e1bda0379832e01a301ff26
-
Size
27KB
-
Sample
250328-td5edaznt9
-
MD5
8ad173787e1bda0379832e01a301ff26
-
SHA1
79ee55b602ce209808ed5b226389c410d2885107
-
SHA256
fdc22126f2ce3edf5289f6caea6a63dd233343fb7e408897ba7039a43172304a
-
SHA512
ee7f3f2816e15e32aed39cbac8e2d624f7956486988b765e04d6a08a75005c4708f788fceeff5cf7da41c9f233a9d333a0f3f5c5fec3c97c451f4adc80cc7c0c
-
SSDEEP
384:FZcpzCIqdG3A3WUkx38GZDJuJbf1+o44u8gHzUoY40wFT3SlVSUn1x5+rqQA:SCIqdH/k1ZVcT194jp4NUT3uVj1+rqT
Malware Config
Targets
-
-
Target
JaffaCakes118_8ad173787e1bda0379832e01a301ff26
-
Size
27KB
-
MD5
8ad173787e1bda0379832e01a301ff26
-
SHA1
79ee55b602ce209808ed5b226389c410d2885107
-
SHA256
fdc22126f2ce3edf5289f6caea6a63dd233343fb7e408897ba7039a43172304a
-
SHA512
ee7f3f2816e15e32aed39cbac8e2d624f7956486988b765e04d6a08a75005c4708f788fceeff5cf7da41c9f233a9d333a0f3f5c5fec3c97c451f4adc80cc7c0c
-
SSDEEP
384:FZcpzCIqdG3A3WUkx38GZDJuJbf1+o44u8gHzUoY40wFT3SlVSUn1x5+rqQA:SCIqdH/k1ZVcT194jp4NUT3uVj1+rqT
Score10/10-
Detects MyDoom family
-
MyDoom
MyDoom is a Worm that is written in C++.
-
Mydoom family
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Executes dropped EXE
-
Adds Run key to start application
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Active Setup
1Registry Run Keys / Startup Folder
1Privilege Escalation
Boot or Logon Autostart Execution
2Active Setup
1Registry Run Keys / Startup Folder
1