General

  • Target

    6a124b4ce2f0be2c37afab875713e72bJaffaCakes118

  • Size

    1009KB

  • Sample

    240526-fhp9csgd28

  • MD5

    6a124b4ce2f0be2c37afab875713e72b

  • SHA1

    f764b2178330514b044562700d2880b80d6bca0b

  • SHA256

    78eb87d148ceda07a5c5c4875bbf32424e2294036fee29b4203866784bce39ff

  • SHA512

    2af7be37fdff9215b1342b9fb3ecbd840ccd53478f62688f4241444f4c7e039c379e138b7efe1bd7fbeba0bff2a69f95433d02d33b34422193b436d1aa6b86e4

  • SSDEEP

    6144:UZfec9EbXDk6Rk8Kxnmy+g4xrG1VVE+ItuHOSnmy+g4xrG1VVE+ItuHOSnmy+g4V:UZWtI6RkPyuVOSyuVOSyuVOSyuC

Targets

    • Target

      6a124b4ce2f0be2c37afab875713e72bJaffaCakes118

    • Disables service(s)

    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
