General

  • Target

    8cefbc654828ab0bdab1cd6dda86798b_JaffaCakes118

  • Size

    972KB

  • Sample

    240602-fhgbfscc48

  • MD5

    8cefbc654828ab0bdab1cd6dda86798b

  • SHA1

    4e05d2fed0caa08eacd40ad36ded5d3fbc87ab02

  • SHA256

    3bb4716cc0878456ba4302a2e95238478bcf70db825fddd91a52372d116539c5

  • SHA512

    f8c1e7e476f201ae3ba39522d7cc51c85668d05daf8b991e84559eeb29cac2e290fc508b400fb1f3095e6614609ab0a4a874a26c5d18f829432964720af0b173

  • SSDEEP

    12288:UZWtI6Rkju9O6uJOB03erQZb+md4w1UieZJys73dOvXDpNjNe8r:UuhaFOaerQZb+md4wmieZJ8NI8r

Targets

    • Target

      8cefbc654828ab0bdab1cd6dda86798b_JaffaCakes118

    • Disables service(s)

    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
