General

  • Target

    92f50f72999f86eb349acd48555df77d_JaffaCakes118

  • Size

    3.8MB

  • Sample

    240603-3bk3dscg3x

  • MD5

    92f50f72999f86eb349acd48555df77d

  • SHA1

    621859e85f14f3e3197a6587eaa5dd5d1472dc93

  • SHA256

    e9b3d1de02b6c08c6dbdbb2a9b6cd33ec4e30961aa1dfc34d277f01e59c805c3

  • SHA512

    7bbd7da243a3ec7e26e05dacca52cf2de57d45825ff8d344e6217d5047b49371d0e7d5eb6b18ea6d6cec31372a0047f10b72aaaf5bdeda1339c5dd0cad69ce39

  • SSDEEP

    49152:bnerQZbd2VerQZbd2perQZbd2perQZbd2perQZbd2perQZbd2AerQZbd24:6rQZnrQZDrQZDrQZDrQZDrQZgrQZ1

Malware Config

Targets

    • Disables service(s)

    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks