General
-
Target
JaffaCakes118_8aefd589efeb7ceb795ca6cc58f9bf20
-
Size
496KB
-
Sample
250328-xxzj1ssjv7
-
MD5
8aefd589efeb7ceb795ca6cc58f9bf20
-
SHA1
35bb5e50341d3a72e82e996388c89bbaa9d2efbb
-
SHA256
2e3a7739fd9eb2e6bb2f7747918a025e1bbcd3f8c9fd952d0e4a879992084c9c
-
SHA512
d33a443f385345c1659b1e2a2080a9eaf8140117641a03cda7b0ec63ef004ea995fca0fc44b45768ead44ca080f31435aec29a9978c562e061e6ac9d1f03eee0
-
SSDEEP
12288:FmkbnVZIeNyo1BoGJHKnJFgaXdqu3U8OEtOM2ZNtTird:YqbIeNyos4KnJF1XM8OEtOnTEd
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_8aefd589efeb7ceb795ca6cc58f9bf20.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
JaffaCakes118_8aefd589efeb7ceb795ca6cc58f9bf20.exe
Resource
win10v2004-20250314-en
Malware Config
Targets
-
Target
JaffaCakes118_8aefd589efeb7ceb795ca6cc58f9bf20
-
Score
8/10
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 2
Active Setup: 1
Registry Run Keys / Startup Folder: 1
Pre-OS Boot: 1
Bootkit: 1
Privilege Escalation
Boot or Logon Autostart Execution: 2
Active Setup: 1
Registry Run Keys / Startup Folder: 1