General
-
Target
77ea131dcf27c345a5b8a3bc764eb228_JaffaCakes118
-
Size
928KB
-
Sample
240527-e67ymshc89
-
MD5
77ea131dcf27c345a5b8a3bc764eb228
-
SHA1
d31a5bd6fd4d39c2966339a84b7cfee899cdaf63
-
SHA256
834bd9652ca70c1b5e73ed16e6183dd34733162ba56db647c364ec890351c6d5
-
SHA512
99983bb735cb97ceb713f75f897f6f95e1ac329021acae8b23432c1b48463fc100c73ad355797995656eefbf6549a4f430c29119b17791903b6f908bfdda20e0
-
SSDEEP
12288:UZWtI6Rkr9OB0vOB0vwOF9OB0vOB0vHYiZKTKwm:Uuhar9OWOAL9OWOAHETKwm
Malware Config
Targets
-
-
Target
77ea131dcf27c345a5b8a3bc764eb228_JaffaCakes118
-
Size
928KB
-
MD5
77ea131dcf27c345a5b8a3bc764eb228
-
SHA1
d31a5bd6fd4d39c2966339a84b7cfee899cdaf63
-
SHA256
834bd9652ca70c1b5e73ed16e6183dd34733162ba56db647c364ec890351c6d5
-
SHA512
99983bb735cb97ceb713f75f897f6f95e1ac329021acae8b23432c1b48463fc100c73ad355797995656eefbf6549a4f430c29119b17791903b6f908bfdda20e0
-
SSDEEP
12288:UZWtI6Rkr9OB0vOB0vwOF9OB0vOB0vHYiZKTKwm:Uuhar9OWOAL9OWOAHETKwm
Score10/10-
Disables service(s)
-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1