General

  • Target

    89322dc953052f8f29fd81e43d1863bc_JaffaCakes118

  • Size

    960KB

  • Sample

    240601-dj6lmaff41

  • MD5

    89322dc953052f8f29fd81e43d1863bc

  • SHA1

    aa9c0e2a3f79e7c5eeec753c02d71e0475bdd8fa

  • SHA256

    426d34b6bcadf7df039098321049f445064076de2a61689e1e22b68efebec7bd

  • SHA512

    46c8173818a0a6180d0f8abfd668c449110bb1568924fa1c2716a88188256c22ada6e12f3f31da5bb1104e574e48a66c466b0b1f24af6ed1a99cbe213002e87f

  • SSDEEP

    24576:UuhaeeZJ8NI84eZJ8NI8rerQZb+md4wmG:bO8l8rerQZbd26

Malware Config

Targets

    • Target

      89322dc953052f8f29fd81e43d1863bc_JaffaCakes118

    • Size

      960KB

    • MD5

      89322dc953052f8f29fd81e43d1863bc

    • SHA1

      aa9c0e2a3f79e7c5eeec753c02d71e0475bdd8fa

    • SHA256

      426d34b6bcadf7df039098321049f445064076de2a61689e1e22b68efebec7bd

    • SHA512

      46c8173818a0a6180d0f8abfd668c449110bb1568924fa1c2716a88188256c22ada6e12f3f31da5bb1104e574e48a66c466b0b1f24af6ed1a99cbe213002e87f

    • SSDEEP

      24576:UuhaeeZJ8NI84eZJ8NI8rerQZb+md4wmG:bO8l8rerQZbd26

    • Disables service(s)

    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks