General
-
Target
f362dd71d128ea233ba0976d61589331_JaffaCakes118
-
Size
516KB
-
Sample
240416-nhk9eaah5v
-
MD5
f362dd71d128ea233ba0976d61589331
-
SHA1
e1faaf133282c1efb78ef54b3b683c651df306a7
-
SHA256
5450d70a103c7439fb6f9887bb6660cb2e07a7d6c4f0174a4fc7397a6742403d
-
SHA512
5a4ddf03918adc1d4081a96251175d1d7130b08aa81b9f46697ba3c0a148f1f69e7b72d37643047143a4569a744d628ce3cc931edb5d6c70b1213c45fd0a74f1
-
SSDEEP
6144:qOOr9BJ/GKWWBNU6ITLBi0qttclOKgU91BKLB15kAydiib4xMhj7TSnRHNaNul+o:3eBNUbTVO86UAtkj7b4xMtA1NaNZeaU
Static task
static1
Behavioral task
behavioral1
Sample
f362dd71d128ea233ba0976d61589331_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Targets
-
Target
f362dd71d128ea233ba0976d61589331_JaffaCakes118
-
Expiro payload
-
Disables taskbar notifications via registry modification
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-