General
-
Target
f31c59aec596266c4b0b461bb2c1a732_JaffaCakes118
-
Size
466KB
-
Sample
240416-kkgr8adf22
-
MD5
f31c59aec596266c4b0b461bb2c1a732
-
SHA1
a03c4cc31a90c125ed7c4e65111c9c7e68f64711
-
SHA256
fdc46042a93fd0bfa6b91de2ddec8b92af569fd8783055ef3662081eb2acc307
-
SHA512
18a70383d97079d4f006999c148fbfd559b2f1ef8a7252c993fba2fdd98c9b9b9798d4c0deb4da7849e0577fe526344aa7e929de95c73fb06b81cf7d5ce41118
-
SSDEEP
6144:UZfec9EbXDk6RktKJrG1VVE+I5E2EZ/UOPSe570Szp35nmy+g4H:UZWtI6RksuVyOB0+2
Malware Config
Targets
-
-
Target
f31c59aec596266c4b0b461bb2c1a732_JaffaCakes118
-
Size
466KB
-
MD5
f31c59aec596266c4b0b461bb2c1a732
-
SHA1
a03c4cc31a90c125ed7c4e65111c9c7e68f64711
-
SHA256
fdc46042a93fd0bfa6b91de2ddec8b92af569fd8783055ef3662081eb2acc307
-
SHA512
18a70383d97079d4f006999c148fbfd559b2f1ef8a7252c993fba2fdd98c9b9b9798d4c0deb4da7849e0577fe526344aa7e929de95c73fb06b81cf7d5ce41118
-
SSDEEP
6144:UZfec9EbXDk6RktKJrG1VVE+I5E2EZ/UOPSe570Szp35nmy+g4H:UZWtI6RksuVyOB0+2
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-