General
Target: 05749f070af05abf81f45e602fcdbef4_JaffaCakes118
Size: 3.1MB
Sample: 240428-sd3ecaaf6w
MD5: 05749f070af05abf81f45e602fcdbef4
SHA1: 5e3f92fa742f32a9e444ab9f02cf027e67bca5d4
SHA256: cebc864d02d959fcde4378b8d9c34d0ec140f1347b6323977a36c7d4f4da42fe
SHA512: 62048bdb51e6009de1c73be5f8763238245ebbd73348a1641c95dd3ed58a0f627625e7fb9542577c604e2a5444b5773344244418ad165763af768a9220ed6242
SSDEEP: 49152:ZUuBTOjZwS1Ihk+hy7iHuaRZnt+NTNLiG97U:ZXRO0hkr2Rxt+e9
Static task: static1
Behavioral task: behavioral1
Sample: 05749f070af05abf81f45e602fcdbef4_JaffaCakes118.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 05749f070af05abf81f45e602fcdbef4_JaffaCakes118.exe
Resource: win10v2004-20240419-en
Malware Config
Targets
Target: 05749f070af05abf81f45e602fcdbef4_JaffaCakes118
Score: 10/10
Modifies WinLogon for persistence
Modifies visiblity of hidden/system files in Explorer
Executes dropped EXE
Loads dropped DLL
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
Boot or Logon Autostart Execution: 1
Winlogon Helper DLL: 1
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1