General
-
Target
fdc1604e14eacb69a55b60411f8c6c37_JaffaCakes118
-
Size
1.9MB
-
Sample
240420-12jadabb84
-
MD5
fdc1604e14eacb69a55b60411f8c6c37
-
SHA1
accc10abf22ea672b207c5f0a32308edbb6a9f9e
-
SHA256
ef1476962006f452867c1e0a6abb8072deceed0cd46c9d1e8f16d18892f3b870
-
SHA512
57b0ae65dd133c2e3c1f73c558ba57d78ef5fd164c51d29e2f565e99e49002d301acb7793660c2d375fb18089d8f6040b0b1dc0d825ac0faa939f1d94d806d5d
-
SSDEEP
12288:RFfwcHcu8pMkZ3Fn9d+Vd3SUZ+7EeI1x7f7V3+hT6DaRWz58kc+1xy8SyGp44:RJcu8pl9d+VdCUhN1SsNK+1pSyg44
Static task
static1
Behavioral task
behavioral1
Sample
fdc1604e14eacb69a55b60411f8c6c37_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fdc1604e14eacb69a55b60411f8c6c37_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
fdc1604e14eacb69a55b60411f8c6c37_JaffaCakes118
-
Score
10/10
-
Modifies WinLogon for persistence
-
Adds policy Run key to start application
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies WinLogon
-
Drops file in System32 directory
-