General
-
Target
a70a7e81e4a98a4669f7082c42795e16_JaffaCakes118
-
Size
739KB
-
Sample
240613-25r75ayblj
-
MD5
a70a7e81e4a98a4669f7082c42795e16
-
SHA1
2a811df632e9bc21594668614ca5abbadf754c53
-
SHA256
2769c552c649369334cd28eb06164cbe46fc37fa9d64ee7b393ed1474ae37b82
-
SHA512
5dee598f749604e5af1e3f71472007c11f79c075992efad38da2e48cc4bfc1751e152ec363f18dbc131fbaa8940b05c3aaed5f9460640ade75e9ce3b4154ff0b
-
SSDEEP
6144:UZfec9EbXDk6Rk8KJrG1VVE+Iznmy+g46nmy+g4VrG1VVE+IRuHOJrG1VVE+IznN:UZWtI6Rkbu0VKu9O9u0VKuJOB0H
Malware Config
Targets
-
-
Target
a70a7e81e4a98a4669f7082c42795e16_JaffaCakes118
-
Size
739KB
-
MD5
a70a7e81e4a98a4669f7082c42795e16
-
SHA1
2a811df632e9bc21594668614ca5abbadf754c53
-
SHA256
2769c552c649369334cd28eb06164cbe46fc37fa9d64ee7b393ed1474ae37b82
-
SHA512
5dee598f749604e5af1e3f71472007c11f79c075992efad38da2e48cc4bfc1751e152ec363f18dbc131fbaa8940b05c3aaed5f9460640ade75e9ce3b4154ff0b
-
SSDEEP
6144:UZfec9EbXDk6Rk8KJrG1VVE+Iznmy+g46nmy+g4VrG1VVE+IRuHOJrG1VVE+IznN:UZWtI6Rkbu0VKu9O9u0VKuJOB0H
Score10/10-
Disables service(s)
-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1