General
-
Target
6891f08afa6336284ff48a76503b7082_JaffaCakes118
-
Size
1.5MB
-
Sample
240522-zjtgysfh6z
-
MD5
6891f08afa6336284ff48a76503b7082
-
SHA1
9d60a8c79b55b3c60dc35a8cc9a16cca15beb321
-
SHA256
140fa69c79592b496b66ff1d8b1d16098c8d1936df4fbdb5e436290e4f5c118a
-
SHA512
4f69bba9a9f5f9b8f572f31472d4b23fd7ff17dd57769f1b5692b445168cac06b748d0047e98b8d37ecb1b8476c7181b6b6001c43ebf7a81263340f634d30960
-
SSDEEP
24576:UuhayOaerQZb+md4wmNerQZb+md4wmWOoeZJ8NI8e:bTerQZbd2JerQZbd2p8e
Static task
static1
Behavioral task
behavioral1
Sample
6891f08afa6336284ff48a76503b7082_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
6891f08afa6336284ff48a76503b7082_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
6891f08afa6336284ff48a76503b7082_JaffaCakes118
Score
10/10
-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
  Create or Modify System Process (1)
    Windows Service (1)
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
Privilege Escalation
  Create or Modify System Process (1)
    Windows Service (1)
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)