General
-
Target
73829863d4f33017610ca46e903286a5_JaffaCakes118
-
Size
4.4MB
-
Sample
240525-2r9j9aea79
-
MD5
73829863d4f33017610ca46e903286a5
-
SHA1
6bc2b9ec9d6806c0191deea59ae6b77c0c6991e5
-
SHA256
7f52672c5573dd2d936862f2fbca667238f4d89e511b3a47f9082c93edd535f9
-
SHA512
99524caa0471ec1ca1ab0c2387d5ca39a324e47bbe77545d18c0e82c4471aea6964c73e70825dd6e1754753c8e161b32c10c36531d6c8ad7faee8465c5f0e037
-
SSDEEP
49152:boerQZbd2RerQZbd2RerQZbd2RerQZbd2RerQZbd2RerQZbd25ph7GBfW+:lrQZvrQZvrQZvrQZvrQZvrQZW77GBfW+
Static task
static1
Behavioral task
behavioral1
Sample
73829863d4f33017610ca46e903286a5_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
73829863d4f33017610ca46e903286a5_JaffaCakes118.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
73829863d4f33017610ca46e903286a5_JaffaCakes118
-
Size
4.4MB
-
MD5
73829863d4f33017610ca46e903286a5
-
SHA1
6bc2b9ec9d6806c0191deea59ae6b77c0c6991e5
-
SHA256
7f52672c5573dd2d936862f2fbca667238f4d89e511b3a47f9082c93edd535f9
-
SHA512
99524caa0471ec1ca1ab0c2387d5ca39a324e47bbe77545d18c0e82c4471aea6964c73e70825dd6e1754753c8e161b32c10c36531d6c8ad7faee8465c5f0e037
-
SSDEEP
49152:boerQZbd2RerQZbd2RerQZbd2RerQZbd2RerQZbd2RerQZbd25ph7GBfW+:lrQZvrQZvrQZvrQZvrQZvrQZW77GBfW+
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1