General
-
Target
03018e35620acbf52939b3fa0c2d109f_JaffaCakes118
-
Size
6.0MB
-
Sample
240427-l4wwxsgc37
-
MD5
03018e35620acbf52939b3fa0c2d109f
-
SHA1
cbf6bac4306040212d6c8db462e0c625c8a719c2
-
SHA256
3d8da7880350ec399aff0ee66523160daba8dd66e9a2afcb67b434a2f2c49615
-
SHA512
cf9612333c6d37e7d753b6f2250aadc9bbd04e3360e7b043337651e9f02dcc23f7eb43dd08f29d52edbaf0eb63f312c544327903d8d1c85064f6f0d559f26b2a
-
SSDEEP
98304:z0yRJ1UMN0yRJ1UMN0yRJ1UMN0yRJ1UMN0yRJ1UMN0yRJ1UM8rQZ1:zBtnNBtnNBtnNBtnNBtnNBtn8r21
Malware Config
Targets
-
-
Target
03018e35620acbf52939b3fa0c2d109f_JaffaCakes118
-
Size
6.0MB
-
MD5
03018e35620acbf52939b3fa0c2d109f
-
SHA1
cbf6bac4306040212d6c8db462e0c625c8a719c2
-
SHA256
3d8da7880350ec399aff0ee66523160daba8dd66e9a2afcb67b434a2f2c49615
-
SHA512
cf9612333c6d37e7d753b6f2250aadc9bbd04e3360e7b043337651e9f02dcc23f7eb43dd08f29d52edbaf0eb63f312c544327903d8d1c85064f6f0d559f26b2a
-
SSDEEP
98304:z0yRJ1UMN0yRJ1UMN0yRJ1UMN0yRJ1UMN0yRJ1UMN0yRJ1UM8rQZ1:zBtnNBtnNBtnNBtnNBtnNBtn8r21
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-