General

  • Target

    89914d42420b15f6541c2da8eb2ff73d_JaffaCakes118

  • Size

    462KB

  • Sample

    240601-gv7vlscc7x

  • MD5

    89914d42420b15f6541c2da8eb2ff73d

  • SHA1

    3b6d2fc5ab9ce010e8e8c05577520331a355ff1b

  • SHA256

    3386eb2091f24852ed82224b67d781fafa00d71293197f118a88a51750735b8b

  • SHA512

    e9746b6dcdd406e5d7ba5f1e74a5bde8f6d767de098fb7f8312474982f1ffbe2140fdc928e4c6d5fdbe1a4e3899bc9e7bd3518fa0b045025e714b8fdb7877afd

  • SSDEEP

    6144:UZfec9EbXDk6Rk8K6rG1VVE+IwrG1VVE+IWBTgQF8QmIys7b7MNCu:UZWtI6RkAunu7BEpIys7bA

Targets

    • Disables service(s)

    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
