General

  • Target

    6d5231879d06e052b8c9d14b561aad28_JaffaCakes118

  • Size

    932KB

  • Sample

    240524-ezdffsda7z

  • MD5

    6d5231879d06e052b8c9d14b561aad28

  • SHA1

    afe09b0633c9e3f137817c7c074a684c62127882

  • SHA256

    a2f896b52b22232f104a356c1e4f079dedbf11403b7824dd209f9ebd5fcb6b8a

  • SHA512

    77518b83a3fa79470f40be1d5f810e18688a6531a188964be2dccd64d73b967d6a872264d05c69449dd2698c7ea6d371c143713c97557d00096a908aa9fd3354

  • SSDEEP

    12288:D+OLv3WGM8S5p3fVK0JSX8uNM/ZRMXHeKa6YK8mKmNNsp4JFUTggnKHJx5X2D111:3LefvE0mNM/6C6JQmNGggKHxGzk3u/T

Malware Config

Targets

    • Target

      6d5231879d06e052b8c9d14b561aad28_JaffaCakes118

    • Registers COM server for autorun

      Writes a COM server registration to the registry so that the component is loaded automatically at boot or logon (mapped to T1547.001 in the matrix below).

    • Checks installed software on the system

      Looks up entries under the Uninstall key (e.g. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall) to enumerate the software installed on the system.

    • Checks whether UAC is enabled

      Typically done by reading the EnableLUA value under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System; a value of 0 means UAC is disabled.

MITRE ATT&CK Matrix (ATT&CK v13)

  Tactic                Technique                            ID          Hits
  Persistence           Boot or Logon Autostart Execution    T1547       1
  Persistence           Registry Run Keys / Startup Folder   T1547.001   1
  Privilege Escalation  Boot or Logon Autostart Execution    T1547       1
  Privilege Escalation  Registry Run Keys / Startup Folder   T1547.001   1
  Defense Evasion       Modify Registry                      T1112       1
  Discovery             Query Registry                       T1012       1
  Discovery             System Information Discovery         T1082       1
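The three behaviour signatures listed for this target and the technique IDs in the matrix are all registry-derived, so the natural triage step is to replay the sample's registry activity against those rules. The Python below is an added example, not part of this report and not the sandbox's own detection code: it classifies each record of a constructed API trace into the report's signatures and rolls the hits up to the ATT&CK IDs shown above. The record field names (op, path, value, data), the placeholder CLSID and file paths, and the signature-to-technique mapping are assumptions; in particular the page does not say which registry writes the sandbox's "Registers COM server for autorun" heuristic keys on, so a CLSID InprocServer32/LocalServer32 registration under HKCU is used here as the stand-in.

```python
"""Triage helper: map registry activity from a sandbox API trace onto the
behaviour signatures and ATT&CK technique IDs listed in this report.

Added example, not the sandbox's own detection code. The trace records
below are constructed; their field names (op, path, value, data), the
placeholder CLSID and the signature-to-technique mapping are assumptions.
"""
import re
from collections import Counter

# Windows registry paths are case-insensitive, so every pattern uses re.I.
RUN_KEY = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?$", re.I)
# Assumption: a CLSID server registration written under the user hive is the
# stand-in for the report's "Registers COM server for autorun" signature.
COM_SERVER = re.compile(
    r"^HKCU\\Software\\Classes\\CLSID\\\{[0-9A-F-]{36}\}\\(InprocServer32|LocalServer32)$", re.I)
UNINSTALL = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Uninstall(\\|$)", re.I)
UAC_POLICY = re.compile(
    r"^HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System$", re.I)

# Signature -> ATT&CK IDs, following the tactics/techniques in the matrix above.
TECHNIQUES = {
    "Registers COM server for autorun": ("T1547.001",),
    "Registry Run key write": ("T1547.001",),
    "Modifies the registry": ("T1112",),
    "Checks installed software on the system": ("T1012", "T1082"),
    "Checks whether UAC is enabled": ("T1012", "T1082"),
}


def classify(event):
    """Return the signature names one registry event triggers (possibly none).

    event: {"op": "read" | "write", "path": "HIVE\\Key\\Subkey", "value": "name"}
    """
    op, path, value = event["op"], event["path"], event.get("value", "")
    hits = []
    if op == "write":
        if COM_SERVER.match(path):
            hits.append("Registers COM server for autorun")
        elif RUN_KEY.search(path):
            hits.append("Registry Run key write")
        hits.append("Modifies the registry")        # every write is T1112
    elif op == "read":
        if UNINSTALL.search(path):
            hits.append("Checks installed software on the system")
        # UAC state lives in EnableLUA; a data value of 0 means UAC is disabled.
        if UAC_POLICY.match(path) and value.lower() == "enablelua":
            hits.append("Checks whether UAC is enabled")
    return hits


def triage(events):
    """Count signature hits and return (counts, sorted technique IDs)."""
    counts = Counter()
    for ev in events:
        counts.update(classify(ev))
    techniques = sorted({t for sig in counts for t in TECHNIQUES[sig]})
    return dict(counts), techniques


# Constructed trace; paths and CLSID are placeholders, not taken from the sample.
EVENTS = [
    {"op": "write", "value": "(Default)", "data": r"C:\Users\user\AppData\Roaming\svc.dll",
     "path": r"HKCU\Software\Classes\CLSID\{00000000-0000-0000-0000-000000000001}\InprocServer32"},
    {"op": "read", "value": "DisplayName",
     "path": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip"},
    {"op": "read", "value": "DisplayName",
     "path": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome"},
    {"op": "read", "value": "EnableLUA",
     "path": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System"},
    {"op": "read", "value": "ProductName",            # unrelated read, no hit
     "path": r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion"},
    {"op": "write", "value": "Updater", "data": r"C:\Users\user\AppData\Roaming\svc.exe",
     "path": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"},
]

if __name__ == "__main__":
    counts, techniques = triage(EVENTS)
    for sig, n in sorted(counts.items()):
        print(f"{n:>2}  {sig}  ({', '.join(TECHNIQUES[sig])})")
    print("techniques:", ", ".join(techniques))
```

One caveat when carrying these rules into production telemetry: the two Discovery signatures are registry reads, which only an API-level trace (as in a sandbox) records. Sysmon's registry events (12 create/delete, 13 value set, 14 rename) and most EDR registry telemetry capture writes, so from host logs alone only the T1547.001 and T1112 rows above are reliably detectable; the Uninstall and EnableLUA lookups need either the sandbox trace or a different data source.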

Tasks