General

  • Target

    a7b509bfe65e73a188f6bda69bbaa45b_JaffaCakes118

  • Size

    733KB

  • Sample

    240614-cwb24ssaqa

  • MD5

    a7b509bfe65e73a188f6bda69bbaa45b

  • SHA1

    c1806048206aaae250a96442baebd3ce7d504c75

  • SHA256

    9d916b9060d785701dd646438829667171033d3b81faf07a6c0b4ad7447de56e

  • SHA512

    7cf157b15233fd5e977ca8a7bea0198572f64fb90ae65c2b7c3f8419e5fc3b1c5b30698bdf33e3ac32a1253b29d58c90dba93c3da91ef72655eda728e6a870e6

  • SSDEEP

    12288:UZWtI6RkVOB0v2eZJys73dOvXDpNjNe8TOB0heZJys73dOvXDpNjNe8r:UuhaVOA2eZJ8NI8TOieZJ8NI8r

Targets

    • Target

      a7b509bfe65e73a188f6bda69bbaa45b_JaffaCakes118

    • Disables service(s)

    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
