General
-
Target
68a7f7254e778e3719834e86bf8762eb_JaffaCakes118
-
Size
866KB
-
Sample
240522-z2yjmagh5w
-
MD5
68a7f7254e778e3719834e86bf8762eb
-
SHA1
52335a7833f3ecad74cb493fb9eab944b0d5d3a3
-
SHA256
3b7f5a4cb75f8f27b0ab96efef3a613925ec3e47a73de991f64117186cc980a6
-
SHA512
aa4d258227e0e0ceddab98bbedc98f1c77e813e9733732a626d6b5a1265579aacf0907c8204a3370fe6bac3ac7bddeec573af6913fb32dcb90cbb89391b840ed
-
SSDEEP
12288:UZWtI6RkUuV2eZJys73dOvXDpNjNe8RuhwerQZb+md4w1UM:Uuha92eZJ8NI8QwerQZb+md4wmM
Malware Config
Targets
-
-
Target
68a7f7254e778e3719834e86bf8762eb_JaffaCakes118
-
Size
866KB
-
MD5
68a7f7254e778e3719834e86bf8762eb
-
SHA1
52335a7833f3ecad74cb493fb9eab944b0d5d3a3
-
SHA256
3b7f5a4cb75f8f27b0ab96efef3a613925ec3e47a73de991f64117186cc980a6
-
SHA512
aa4d258227e0e0ceddab98bbedc98f1c77e813e9733732a626d6b5a1265579aacf0907c8204a3370fe6bac3ac7bddeec573af6913fb32dcb90cbb89391b840ed
-
SSDEEP
12288:UZWtI6RkUuV2eZJys73dOvXDpNjNe8RuhwerQZb+md4w1UM:Uuha92eZJ8NI8QwerQZb+md4wmM
Score10/10-
Disables service(s)
-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1