General

  • Target

    7355d9ebbe067b83b182964bf71923b8_JaffaCakes118

  • Size

    4.6MB

  • Sample

    240525-1j7j9aca24

  • MD5

    7355d9ebbe067b83b182964bf71923b8

  • SHA1

    94f0c94d0182288def56d254b0935e9315469256

  • SHA256

    6b77a28754f0be66313f5c5b9e3bc13bf2049818ea3e95daa5a2da82b61d333e

  • SHA512

    b303d6d152c71f25d5f6e550df707422e0160a7409a1c931642c5e3271964c6202a601db90f78c41bbe0996b679792941b63266d4493c04168f5625a2784305c

  • SSDEEP

    49152:bWerQZbd2P8KerQZbd2P8KerQZbd2P8KerQZbd2P8KerQZbd2P8KerQZbd2P8N:jrQZXrQZXrQZXrQZXrQZXrQZZ

Targets

    • Disables service(s)

    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
