General
-
Target
0da91de5dd65f77309b9b0a98f98d4bf_JaffaCakes118
-
Size
4.7MB
-
Sample
240502-gfe62sac9z
-
MD5
0da91de5dd65f77309b9b0a98f98d4bf
-
SHA1
33d5ac9bca7e33791d9d94e44a7291f79b514e58
-
SHA256
f7e4cf534ef15ac2fcbfeb5c911f96151b0d28b09ec81d75f488abdefee39232
-
SHA512
5061ee6744ce8763a168269a27a7e6e63a60cf1312eae2b7d76a50bc832a3b60046c1f7ecbc7fc7df7d533f6ad2a24d8c00acbeac82b396f62e316f9ce94e9c1
-
SSDEEP
98304:ArQZQrQZFrQZQrQZFrQZQrQZFrQZQrQZFrQZQrQZJ:Ar2Qr2Fr2Qr2Fr2Qr2Fr2Qr2Fr2Qr2J
Malware Config
Targets
-
-
Target
0da91de5dd65f77309b9b0a98f98d4bf_JaffaCakes118
-
Size
4.7MB
-
MD5
0da91de5dd65f77309b9b0a98f98d4bf
-
SHA1
33d5ac9bca7e33791d9d94e44a7291f79b514e58
-
SHA256
f7e4cf534ef15ac2fcbfeb5c911f96151b0d28b09ec81d75f488abdefee39232
-
SHA512
5061ee6744ce8763a168269a27a7e6e63a60cf1312eae2b7d76a50bc832a3b60046c1f7ecbc7fc7df7d533f6ad2a24d8c00acbeac82b396f62e316f9ce94e9c1
-
SSDEEP
98304:ArQZQrQZFrQZQrQZFrQZQrQZFrQZQrQZFrQZQrQZJ:Ar2Qr2Fr2Qr2Fr2Qr2Fr2Qr2Fr2Qr2J
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-