General
-
Target
0fe0e8736beca525247d2c952a086f7f_JaffaCakes118
-
Size
44KB
-
Sample
240625-26zctszbld
-
MD5
0fe0e8736beca525247d2c952a086f7f
-
SHA1
22ee647d8285dfbb9d031b7b259ee68129ce59b6
-
SHA256
4d83ebffa15f1977ea6f4aaef47c874d770a2a9e2ebd74b8e0298a5277f1a390
-
SHA512
eec8a7ff6c60a0ee4bfd0baff8069163a7071e79bcbdf77389f26134b138a034c4b248d949aa9541de3a55a3699ea374f63e8fb9d6413e04ca1c06c721da968e
-
SSDEEP
384:/wm3UqRKwBBUuRXt8eX2c9yfnH+8wdKRSJMZgJOftuOY+GHHbrg/XqRKwBBrm3:tPRd8GVQ+jJOgJOo6r
Malware Config
Targets
-
-
Target
0fe0e8736beca525247d2c952a086f7f_JaffaCakes118
-
Size
44KB
-
MD5
0fe0e8736beca525247d2c952a086f7f
-
SHA1
22ee647d8285dfbb9d031b7b259ee68129ce59b6
-
SHA256
4d83ebffa15f1977ea6f4aaef47c874d770a2a9e2ebd74b8e0298a5277f1a390
-
SHA512
eec8a7ff6c60a0ee4bfd0baff8069163a7071e79bcbdf77389f26134b138a034c4b248d949aa9541de3a55a3699ea374f63e8fb9d6413e04ca1c06c721da968e
-
SSDEEP
384:/wm3UqRKwBBUuRXt8eX2c9yfnH+8wdKRSJMZgJOftuOY+GHHbrg/XqRKwBBrm3:tPRd8GVQ+jJOgJOo6r
Score10/10-
Modifies visibility of file extensions in Explorer
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Adds Run key to start application
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Change Default File Association
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Change Default File Association
1