General

  • Target

    a55ff4af267d8122ef81137d8384a6bb_JaffaCakes118

  • Size

    1.8MB

  • Sample

    240613-nyjera1fpp

  • MD5

    a55ff4af267d8122ef81137d8384a6bb

  • SHA1

    8be35b7040feaa862a3363ff707bff0955abb846

  • SHA256

    cb28393a89b34ca385759220f5d5e8591718229ebd029dd217b48d60ebe26602

  • SHA512

    80cede9839e60b3fa02ac0fb51351c540ed2281873128a9a84458d3e5d41d5297dcebe4fb8e29750efed3ee246a1efc36fdaeba69bcaf06bdeb6a8a379a68179

  • SSDEEP

    24576:UuhaseZJ8NI85eZJ8NI8DerQZb+md4wmOeZJ8NI85eZJ8NI8DerQZb+md4wmvzsD:bk8u8DerQZbd2j8u8DerQZbd2rzm

Malware Config

Targets

    • Target

      a55ff4af267d8122ef81137d8384a6bb_JaffaCakes118

    • Disables service(s)

    • Modifies visibility of file extensions in Explorer

      Hiding extensions (the HideFileExt setting under the Explorer\Advanced key) lets a dropped executable pass as a document or folder in Explorer.

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications (the DisallowRun Explorer policy), a common way to stop task managers, editors or security tools from launching.

    • Sets file execution options in registry

      Image File Execution Options entries can redirect or suppress the launch of a named executable (for example through a Debugger value), which serves both persistence and the neutralising of security tools.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes. Caveat: on current Windows releases AutoRun is not honoured for non-optical removable drives, so the dropped autorun.inf mainly matters on unpatched hosts or where the NoDriveTypeAutoRun policy has been relaxed.

    • Drops file in System32 directory
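The registry and filesystem markers named by the signatures above can be checked on a suspect host with the following PowerShell audit. This is an added example, not output of the sandbox or code recovered from the sample: the key paths are the standard locations of the DisallowRun policy, Image File Execution Options, the HideFileExt setting and the NoDriveTypeAutoRun policy, and are assumed rather than extracted from this report, which lists no concrete values.

```powershell
# Added example (not from the report or the sample): audit a Windows host for the
# markers behind the signatures "Blocks application from running via registry
# modification", "Sets file execution options in registry", "Modifies visibility
# of file extensions in Explorer" and "Drops autorun.inf file".
# Assumption: run in an elevated Windows PowerShell 5.1 or PowerShell 7 session;
# the registry paths are the standard policy locations, not IOCs from the page.

function Get-DisallowRunEntries {
    # DisallowRun=1 enables the policy; the DisallowRun subkey lists blocked EXE names.
    foreach ($hive in 'HKCU', 'HKLM') {
        $policy  = "${hive}:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer"
        $enabled = (Get-ItemProperty -Path $policy -Name DisallowRun -ErrorAction SilentlyContinue).DisallowRun
        $list    = Get-Item -Path "$policy\DisallowRun" -ErrorAction SilentlyContinue
        if ($list) {
            foreach ($name in $list.GetValueNames()) {
                [pscustomobject]@{
                    Hive    = $hive
                    Enabled = ($enabled -eq 1)
                    Blocked = $list.GetValue($name)
                }
            }
        }
    }
}

function Get-IfeoDebuggers {
    # A Debugger value under an image name runs that program instead of the image.
    $ifeo = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'
    Get-ChildItem -Path $ifeo -ErrorAction SilentlyContinue | ForEach-Object {
        $dbg = (Get-ItemProperty -Path $_.PSPath -Name Debugger -ErrorAction SilentlyContinue).Debugger
        if ($dbg) {
            [pscustomobject]@{ Image = $_.PSChildName; Debugger = $dbg }
        }
    }
}

function Get-ExplorerExtensionHiding {
    # HideFileExt=1 hides known extensions, so "invoice.pdf.exe" shows as "invoice.pdf".
    $adv = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced'
    $v = (Get-ItemProperty -Path $adv -Name HideFileExt -ErrorAction SilentlyContinue).HideFileExt
    [pscustomobject]@{ HideFileExt = $v; ExtensionsHidden = ($v -eq 1) }
}

function Get-AutorunInfFiles {
    # autorun.inf at a volume root; NoDriveTypeAutoRun is the bitmask of drive
    # types for which AutoRun is ignored (0x91 or wider is the modern default).
    $pol  = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
    $mask = (Get-ItemProperty -Path $pol -Name NoDriveTypeAutoRun -ErrorAction SilentlyContinue).NoDriveTypeAutoRun
    Get-PSDrive -PSProvider FileSystem | ForEach-Object {
        $inf = Join-Path -Path $_.Root -ChildPath 'autorun.inf'
        if (Test-Path -LiteralPath $inf) {
            [pscustomobject]@{
                Volume             = $_.Root
                File               = $inf
                NoDriveTypeAutoRun = $mask
                Content            = (Get-Content -LiteralPath $inf -Raw)
            }
        }
    }
}

Write-Host '== DisallowRun policy entries =='
Get-DisallowRunEntries | Format-Table -AutoSize
Write-Host '== IFEO Debugger hijacks =='
Get-IfeoDebuggers | Format-Table -AutoSize
Write-Host '== Explorer extension hiding =='
Get-ExplorerExtensionHiding | Format-Table -AutoSize
Write-Host '== autorun.inf at volume roots =='
Get-AutorunInfFiles | Format-List
```

On a clean host the first, second and fourth checks return nothing and HideFileExt is whatever the user chose (1 is the Windows default, so that value alone is not evidence); any DisallowRun entry naming a security tool, any IFEO Debugger pointing outside the Windows directory, or an autorun.inf on a fixed or removable volume is worth pulling for analysis together with the files it references.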

MITRE ATT&CK Enterprise v15

Tasks