General
-
Target
f6ad2b4e1d1925e0f6c77aef6b175558_JaffaCakes118
-
Size
621KB
-
Sample
240417-12w68sgh6z
-
MD5
f6ad2b4e1d1925e0f6c77aef6b175558
-
SHA1
2336257fba21e141d81cfcac59f5fec30695463a
-
SHA256
ea30de4c87ef861a74cc1252218e6c2970ded7417f82a0d831d6d1b907a0fa70
-
SHA512
db5cc017342ff2fc63c5848fd9806ddc99f39463aa488ac16bbd05d2394f8d0b0412ff2f0d963ed264976fde3b796aabc652bc7d0c976d0017e49ac9820cad72
-
SSDEEP
6144:UZfec9EbXDk6RkJKU/UOPSe570Szp3bE2EtE2EyCnXfCeIDudLCAFbZlYQF8QmIO:UZWtI6RkGOB0vYyCGDgtHYpIys7bA
Malware Config
Targets
-
-
Target
f6ad2b4e1d1925e0f6c77aef6b175558_JaffaCakes118
-
Size
621KB
-
MD5
f6ad2b4e1d1925e0f6c77aef6b175558
-
SHA1
2336257fba21e141d81cfcac59f5fec30695463a
-
SHA256
ea30de4c87ef861a74cc1252218e6c2970ded7417f82a0d831d6d1b907a0fa70
-
SHA512
db5cc017342ff2fc63c5848fd9806ddc99f39463aa488ac16bbd05d2394f8d0b0412ff2f0d963ed264976fde3b796aabc652bc7d0c976d0017e49ac9820cad72
-
SSDEEP
6144:UZfec9EbXDk6RkJKU/UOPSe570Szp3bE2EtE2EyCnXfCeIDudLCAFbZlYQF8QmIO:UZWtI6RkGOB0vYyCGDgtHYpIys7bA
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-