General

  • Target

    92f7a342535b398ec79d245d514932d8_JaffaCakes118

  • Size

    2.6MB

  • Sample

    240603-3d9tjach4s

  • MD5

    92f7a342535b398ec79d245d514932d8

  • SHA1

    d8a1d90746362533f63756c3ba210ba1471cbde0

  • SHA256

    45530ee8676ba81811db407c8ad83f31659ed6e2a5e479404088c8ba546da893

  • SHA512

    4cf336909db4c533f1df8c1aaae2e1419f6cf4eba470b04cab698fa8983b223725f461f7598d144723e1ac13274030d6798c63b2a2bbd3de2ff60a9a5217e69d

  • SSDEEP

    24576:UuhakyOdyO1yOdyO1yOdyO1yOdyO1yOdyOk44:b6z

Targets

    • Disables service(s)

    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
