General
-
Target
0693f13507d16ed2290f30d105961ba1_JaffaCakes118
-
Size
3.9MB
-
Sample
240429-chldmafe2w
-
MD5
0693f13507d16ed2290f30d105961ba1
-
SHA1
d6350ff11bc5083797a28f7a88fe3393dbdc2235
-
SHA256
122509b9af0d2882ca0d5001f4cb668a1f6ca3f0d097a522ffe947bb07cefb15
-
SHA512
766c46044425f4bf9f0cd17dfc93dceefbc6b9bdd47b21f9e65d17a523cbd0992a8f24827db6ab70321bda10d82f6d4d106bc574467eed378547e466f8aeae55
-
SSDEEP
49152:bCerQZbd2MerQZbd2MerQZbd2MerQZbd2MerQZbd2/4u:XrQZWrQZWrQZWrQZWrQZRu
Malware Config
Targets
-
-
Target
0693f13507d16ed2290f30d105961ba1_JaffaCakes118
-
Size
3.9MB
-
MD5
0693f13507d16ed2290f30d105961ba1
-
SHA1
d6350ff11bc5083797a28f7a88fe3393dbdc2235
-
SHA256
122509b9af0d2882ca0d5001f4cb668a1f6ca3f0d097a522ffe947bb07cefb15
-
SHA512
766c46044425f4bf9f0cd17dfc93dceefbc6b9bdd47b21f9e65d17a523cbd0992a8f24827db6ab70321bda10d82f6d4d106bc574467eed378547e466f8aeae55
-
SSDEEP
49152:bCerQZbd2MerQZbd2MerQZbd2MerQZbd2MerQZbd2/4u:XrQZWrQZWrQZWrQZWrQZRu
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-