General
Target: 04298692d9984bdc001491374d9adac3_JaffaCakes118
Size: 114KB
Sample: 240622-2fzkxaxeke
MD5: 04298692d9984bdc001491374d9adac3
SHA1: 63de24ef8f80f3cab5df3eeadd4ad89731d7b639
SHA256: 03292c63b3507f52497103ba86c199151bba4221f6ec3127015efd081add4764
SHA512: 0aee5ed488de66232f7180681ed869147ed9a364834e4891911c6bc67639783d20c0075b75a49dbb73f03db4e76a9f8d6c9f8284b52dffffc4b0ec67b633266b
SSDEEP: 3072:OVl3bfuX5ATimq4550Ithi2wAbeJA4yHzzIEsc1V56ND:G3jE5ATfqyZth1ei4czz/V5
Behavioral task: behavioral1
Sample: 04298692d9984bdc001491374d9adac3_JaffaCakes118.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 04298692d9984bdc001491374d9adac3_JaffaCakes118.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 04298692d9984bdc001491374d9adac3_JaffaCakes118
Score: 8/10
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
Adds Run key to start application
Drops file in System32 directory
Suspicious use of SetThreadContext