General
-
Target
153dd246a294b728fd7158f62d0c000b_JaffaCakes118
-
Size
2.3MB
-
Sample
240627-jvlcqazdqb
-
MD5
153dd246a294b728fd7158f62d0c000b
-
SHA1
88cbf8febe5d1529d024fed35318f4a846ce6343
-
SHA256
eaa24301d7071d49e711b13cf2af8ed0c451258163c0fbd6bdcc90d717d9d00a
-
SHA512
9929ece7280972392353f8058937d671b353594e0457e2ae37712429b26fd77e97f2075ae3821ff5d24879691131077caa33827deb7557941bfb3abd23c512b1
-
SSDEEP
24576:3uhaVOA2eZJ8NI8NahR1+V8tgJd8l2Rq2NeZ9eeZS4HTFj:YM8NKR1+V8tgJd8lRA4el4HTh
Malware Config
Targets
-
-
Target
153dd246a294b728fd7158f62d0c000b_JaffaCakes118
-
Size
2.3MB
-
MD5
153dd246a294b728fd7158f62d0c000b
-
SHA1
88cbf8febe5d1529d024fed35318f4a846ce6343
-
SHA256
eaa24301d7071d49e711b13cf2af8ed0c451258163c0fbd6bdcc90d717d9d00a
-
SHA512
9929ece7280972392353f8058937d671b353594e0457e2ae37712429b26fd77e97f2075ae3821ff5d24879691131077caa33827deb7557941bfb3abd23c512b1
-
SSDEEP
24576:3uhaVOA2eZJ8NI8NahR1+V8tgJd8l2Rq2NeZ9eeZS4HTFj:YM8NKR1+V8tgJd8lRA4el4HTh
Score10/10-
Disables service(s)
-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Event Triggered Execution: Image File Execution Options Injection
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Image File Execution Options Injection
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Image File Execution Options Injection
1