General
Target: e61afa2a7110f1a61e538b3e20c0708e_JaffaCakes118
Size: 273KB
Sample: 240407-3egt5shf7v
MD5: e61afa2a7110f1a61e538b3e20c0708e
SHA1: dc368a0e9dc02a2091d13c6c4c68ec1300df35f4
SHA256: 53c36808f6d8c6ed26b2d2494cab0d5976c792d6bae2120c8a27a5149d27e94c
SHA512: fbdc3058838842e8c0d150bd75386571f87ad5dffa047922e057feed85f4b725ae3955fc9d8c75117f1eb1e71745bd1e79ce76ccb486dc0c995af946fb4a7bca
SSDEEP: 6144:5Q+7l60LCYhb9XlIToRWyGm1f8czjOXNbYAIzwyPqX:blhXJX6oGm1f3jGbIMIK
Static task: static1
Behavioral task: behavioral1
Sample: e61afa2a7110f1a61e538b3e20c0708e_JaffaCakes118.exe
Resource: win7-20240221-en
Malware Config
Targets
Target: e61afa2a7110f1a61e538b3e20c0708e_JaffaCakes118
- Modifies security service
- Disables taskbar notifications via registry modification
- Modifies Installed Components in the registry
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
- Create or Modify System Process (1)
  - Windows Service (1)
- Boot or Logon Autostart Execution (2)
  - Registry Run Keys / Startup Folder (2)
Privilege Escalation
- Create or Modify System Process (1)
  - Windows Service (1)
- Boot or Logon Autostart Execution (2)
  - Registry Run Keys / Startup Folder (2)