General

  • Target

    740fc4ab94625e0f0cb5b55066e1c271_JaffaCakes118

  • Size

    1006KB

  • Sample

    240526-czz84sbf9w

  • MD5

    740fc4ab94625e0f0cb5b55066e1c271

  • SHA1

    dfacc2436c3824eb88ce9680dc19dbd882602cba

  • SHA256

    22824033ee9b1acbd3d4e1fe96a5b5cf67b5160a109727a366009d0c5ec46c2e

  • SHA512

    a8e53073483c9cd93af603f2485c8ef605d5005830790ccf4c78de00d95265bba26683890930d65fe7e32689df5922187d2cef9f044d8a7b4c5052ed6390832b

  • SSDEEP

    24576:UuhaCBh+erQZb+md4wmAMwUdHsI3aEPpN4:bMerQZbd24wHv3X8

Targets

    • Target

      740fc4ab94625e0f0cb5b55066e1c271_JaffaCakes118

    • Disables service(s)

    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
