General
-
Target
f44b80c50bbc6a660f31219e45e3a7d3_JaffaCakes118
-
Size
483KB
-
Sample
240416-zk33sacc28
-
MD5
f44b80c50bbc6a660f31219e45e3a7d3
-
SHA1
d6d3a6b19d6b2196a24c4c6061ad196273c01ed4
-
SHA256
00aa6a634e5d4d6fc94985fc070a936dce39f78bea2aca0ed350f509ce7a0391
-
SHA512
942bc605af0c03cb29216ef6f317295aebb9197c0fad8cf29011c2190e0cc5364d5d89d65c3d3b7ed2d9241482d2f1f646fdde6da21606e0a558ac2ce1fc23bf
-
SSDEEP
6144:UZfec9EbXDk6RkdKU/UOPSe570Szp3Znmy+g4VrG1VVE+IwrG1VVE+I5E2E4:UZWtI6RkqOB06KunuV4
Malware Config
Targets
-
-
Target
f44b80c50bbc6a660f31219e45e3a7d3_JaffaCakes118
-
Size
483KB
-
MD5
f44b80c50bbc6a660f31219e45e3a7d3
-
SHA1
d6d3a6b19d6b2196a24c4c6061ad196273c01ed4
-
SHA256
00aa6a634e5d4d6fc94985fc070a936dce39f78bea2aca0ed350f509ce7a0391
-
SHA512
942bc605af0c03cb29216ef6f317295aebb9197c0fad8cf29011c2190e0cc5364d5d89d65c3d3b7ed2d9241482d2f1f646fdde6da21606e0a558ac2ce1fc23bf
-
SSDEEP
6144:UZfec9EbXDk6RkdKU/UOPSe570Szp3Znmy+g4VrG1VVE+IwrG1VVE+I5E2E4:UZWtI6RkqOB06KunuV4
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-