General
-
Target
68e14759c46d0e8f2217ffc30112466b_JaffaCakes118
-
Size
553KB
-
Sample
240522-2m37nsbg41
-
MD5
68e14759c46d0e8f2217ffc30112466b
-
SHA1
630cff98a125b7d4193803dd1f88ac5719a07232
-
SHA256
f1a6d8ff09496053ed10c727da5d6d3e57c664006a4c13b9f9f98b5165a58095
-
SHA512
b161bad7b0d22e3af09e1a0f56272b363791777c5fa100b33abbfdf95cac8e0c2beef187d3109e422e6e12fe781724aee4c1f792349e4db55d46eb995febb75f
-
SSDEEP
12288:UZWtI6RkVOB06VYeZJys73dOvXDpNjNe8r:UuhaVOaeZJ8NI8r
Malware Config
Targets
-
-
Target
68e14759c46d0e8f2217ffc30112466b_JaffaCakes118
-
Size
553KB
-
MD5
68e14759c46d0e8f2217ffc30112466b
-
SHA1
630cff98a125b7d4193803dd1f88ac5719a07232
-
SHA256
f1a6d8ff09496053ed10c727da5d6d3e57c664006a4c13b9f9f98b5165a58095
-
SHA512
b161bad7b0d22e3af09e1a0f56272b363791777c5fa100b33abbfdf95cac8e0c2beef187d3109e422e6e12fe781724aee4c1f792349e4db55d46eb995febb75f
-
SSDEEP
12288:UZWtI6RkVOB06VYeZJys73dOvXDpNjNe8r:UuhaVOaeZJ8NI8r
Score10/10-
Disables service(s)
-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1