General
-
Target
f6817296c933daa9628658e9233179b7_JaffaCakes118
-
Size
284KB
-
Sample
240417-x7hz1sbh43
-
MD5
f6817296c933daa9628658e9233179b7
-
SHA1
c7b8245acf1419779a90b29ee3ba5dd2d12ceab6
-
SHA256
c0521a5e0b346421c4d67ac8956fae37fae603c52c8efce1d3f21ce9db12edc7
-
SHA512
31aa76e75c840eae20595513e0696562b80421c583b601da4aabb8f97ee9fe0ddeecb22968ada67d354dbb2e3ffcc3359bd8f14a282857515508119bfb495ad1
-
SSDEEP
6144:7qVOPAboqOSg/B5zY8GbdCk18j7i8EzDPnMnadzL0QZ5TGtpM18:5AYTZ59Gboky2ZvUnahL0Qm3c
Static task
static1
Behavioral task
behavioral1
Sample
f6817296c933daa9628658e9233179b7_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
f6817296c933daa9628658e9233179b7_JaffaCakes118
-
Modifies security service
-
Disables taskbar notifications via registry modification
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 2
Registry Run Keys / Startup Folder: 2
Create or Modify System Process: 1
Windows Service: 1
Privilege Escalation
Boot or Logon Autostart Execution: 2
Registry Run Keys / Startup Folder: 2
Create or Modify System Process: 1
Windows Service: 1