General

  • Target

    90e92a6f05aeae5427c0a07d3f3c1989_JaffaCakes118

  • Size

    3.3MB

  • Sample

    240603-hztn8afg2z

  • MD5

    90e92a6f05aeae5427c0a07d3f3c1989

  • SHA1

    567753aaf8b20937e688be8e8aa320a12c481029

  • SHA256

    54dd308d74d4d7493f0354caa3f59c8b1d79e0b730bce24298b77db5a5640cde

  • SHA512

    be82b256c8243596f7bd6b43a68f2c1924eb2e1e5ed93db39b1c4cc5b89f4ebce240f45b25da1e42270ec79e951e89d88e6757d7f49c23420edba495b397353f

  • SSDEEP

    49152:bDerQZbd2werQZbd2werQZbd2werQZbd2werQZbd2a:OrQZKrQZKrQZKrQZKrQZX

Malware Config

Targets

    • Disables service(s)

    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks