General
-
Target
ff2bfcee3e90dff7bdb82b366bfaceaa_JaffaCakes118
-
Size
288KB
-
Sample
240421-njgmlsac3t
-
MD5
ff2bfcee3e90dff7bdb82b366bfaceaa
-
SHA1
a74bf527e88b5f52e2e9f30cbab2cfc72db7079f
-
SHA256
b647633be3779909983d9a1ad11de6bf2afd32ca726828d32ea902326cacbd1b
-
SHA512
20e412647fb644a46d0b59e5291f488ad6beb064c3186c996f114eb78484ada182f2a7ad84c52eda5a0392f23ead22afd10117d5b24b5aa830880f4d05f0111f
-
SSDEEP
6144:xX8JXqMQUXu+9qjCTWeqKas8hiAHlkyvbhA5qLXtE8VZP6lnrlZdgpP:u0M7u+xWEAyeAGy8V168P
Static task
static1
Behavioral task
behavioral1
Sample
ff2bfcee3e90dff7bdb82b366bfaceaa_JaffaCakes118.exe
Resource
win7-20240220-en
Malware Config
Targets
-
-
Target
ff2bfcee3e90dff7bdb82b366bfaceaa_JaffaCakes118
-
Modifies security service
-
Disables taskbar notifications via registry modification
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Create or Modify System Process (1)
  Windows Service (1)
Boot or Logon Autostart Execution (2)
  Registry Run Keys / Startup Folder (2)
Privilege Escalation
Create or Modify System Process (1)
  Windows Service (1)
Boot or Logon Autostart Execution (2)
  Registry Run Keys / Startup Folder (2)