General
Target: 05db9d80663ab7f4a90e8cc6ce70ca34_JaffaCakes118
Size: 3.1MB
Sample: 240428-xkwmlaed86
MD5: 05db9d80663ab7f4a90e8cc6ce70ca34
SHA1: 384ab2f093aad344b20cb57ea8dcde8a4894d6be
SHA256: d8750ac90a1c1ac124977c1f1ee9bb890357e589a3a748ba8b281abf9f6c0df7
SHA512: b48662ad33c2fa5f70e7c5276460c3cc85627b57e81e5523ae5b17779baf795fef9883c2ef933707dbd96f285a8096e85e13224e21c40646460ff9f12be5b6d3
SSDEEP: 49152:ZUuBTOjZwS1Ihk+hy7iHuaRZnt+NTNLiG97+:ZXRO0hkr2Rxt+eD
Static task: static1
Behavioral task: behavioral1
Sample: 05db9d80663ab7f4a90e8cc6ce70ca34_JaffaCakes118.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: 05db9d80663ab7f4a90e8cc6ce70ca34_JaffaCakes118.exe
Resource: win10v2004-20240419-en
Malware Config
Targets
Target: 05db9d80663ab7f4a90e8cc6ce70ca34_JaffaCakes118
Score: 10/10
- Modifies WinLogon for persistence
- Modifies visibility of hidden/system files in Explorer
- Executes dropped EXE
- Loads dropped DLL
MITRE ATT&CK Enterprise v15
Privilege Escalation
- Abuse Elevation Control Mechanism (1)
- Bypass User Account Control (1)
- Boot or Logon Autostart Execution (1)
- Winlogon Helper DLL (1)