General

  • Target

    4f7532fdcb9a4429eb0ad8aed59953b9_JaffaCakes118

  • Size

    1.9MB

  • Sample

    240517-l2w4xacg81

  • MD5

    4f7532fdcb9a4429eb0ad8aed59953b9

  • SHA1

    b248d29e4c42cc39544b7b7d72eadf90fbc84ad5

  • SHA256

    2528988692c3f3020f4b740d1f46e7e952d668eea0880c5f44d98a7be06df9c7

  • SHA512

    f525703bd1cce6387202ddc7dec69789c9bfe79f04f6396e130c10d03ebb9e61e54a52876df4b8dd20cd56e9a1a45e5d6618515ed8e6ae584efbab8e50eba1a2

  • SSDEEP

    12288:GAuUvAcFqjhuIFADQvgbWR67zMSYAA6GD1jdbNy9dVZvQOFRFZcQIST8Kav:ccFqbGDHg8zle189VFFZ8S4Kav

Score
10/10

Targets

    • Target

      4f7532fdcb9a4429eb0ad8aed59953b9_JaffaCakes118

    • Modifies WinLogon for persistence

    • Adds policy Run key to start application

    • Modifies Installed Components in the registry

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies WinLogon

    • Drops file in System32 directory
