General
-
Target
127aeb2b2915e1737ab57c48e445d682_JaffaCakes118
-
Size
228KB
-
Sample
240626-sxx9qstdjp
-
MD5
127aeb2b2915e1737ab57c48e445d682
-
SHA1
3e044a7f90c56b7964e6dc140cb445e4eab64680
-
SHA256
a3e823d2c1d5008d2f392a7178c32cfdddddc44d6aacabc9f6f47762c5fbd40b
-
SHA512
f399914189a72176ca46234c2071b48b32a772ab475b76bb795eff58aca4992c4833ee150b30dc5f5b1c7600626f0f7e06f187384d2f34ca3392ff6695bb7843
-
SSDEEP
3072:Hr5mt+m6dyCBHSq9SkM81VF18nn3e7mKdC7SiNGTf3fifFyaLW/IxcM4yaD:HHbDwq9X11VF1u3e7LdAqPGFy0XxcX
Static task
static1
Behavioral task
behavioral1
Sample
127aeb2b2915e1737ab57c48e445d682_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
127aeb2b2915e1737ab57c48e445d682_JaffaCakes118
-
Adds policy Run key to start application
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-