General
-
Target
fe2a9ab147e85338dc4dfef17fbddf2a_JaffaCakes118
-
Size
342KB
-
Sample
240421-cfccyagb94
-
MD5
fe2a9ab147e85338dc4dfef17fbddf2a
-
SHA1
fbc91b65893d1b9640ffc7d0c5595832daffea2f
-
SHA256
34e07d7596874ae8ad0dab91d8776e6b2563e2772eb6c65c55ffc1507f5e4f4a
-
SHA512
ae9d56c6f58c683216c92a7de5e72bf914fb7b8e528b84cf4792fc08eade6bbe8230ce8f166bdb44cee9e66eeed74a85307592df88e2d5e8a529a39a3026c407
-
SSDEEP
6144:Z6gJbaRkNJvY2k0bsRkcQRkfIwps+69yV9Goa0ihEHzBmcrBlVZU+NSgcUNv:Xbm8qN0bFciRwf69Gxi6TBvVZ/SgcWv
Behavioral task
behavioral1
Sample
fe2a9ab147e85338dc4dfef17fbddf2a_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fe2a9ab147e85338dc4dfef17fbddf2a_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
Target
fe2a9ab147e85338dc4dfef17fbddf2a_JaffaCakes118
Score
10/10
-
Modifies WinLogon for persistence
-
Adds policy Run key to start application
-
Modifies Installed Components in the registry
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies WinLogon
-
Drops file in System32 directory
-