General
Target: 1586cc3a130eecae62a61fae4e4db332_JaffaCakes118
Size: 456KB
Sample: 240627-lntfvsvbrf
MD5: 1586cc3a130eecae62a61fae4e4db332
SHA1: aa30896f6f3969335a5ac3bcc7023a7817875700
SHA256: 0799ce6bca68ee46cd9c7c6a4519bd1182678176e38e49a3415f759159eec046
SHA512: a754074814fef94e0b0d6b73018eff7b1c94cecfbcc693db99df5dfe73d6159910dcc4c3b3e37de9b67014b66c4a8c0877f1b9e2bd60fedea429607609186651
SSDEEP: 6144:zg+GnUR3dZVzcqON3wlrfnvoGL4+kPKy/OIjw/5UR3dZVzcqON3wlrfnOeg+BKni:vVtQcrHapjy6VtQcrgnwXQPk
Static task: static1
Behavioral task: behavioral1
  Sample: 1586cc3a130eecae62a61fae4e4db332_JaffaCakes118.exe
  Resource: win7-20231129-en
Behavioral task: behavioral2
  Sample: 1586cc3a130eecae62a61fae4e4db332_JaffaCakes118.exe
  Resource: win10v2004-20240611-en
Malware Config
Targets
Target: 1586cc3a130eecae62a61fae4e4db332_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Event Triggered Execution: Image File Execution Options Injection
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Drops autorun.inf file: Malware can abuse Windows Autorun to spread further via attached volumes.
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Event Triggered Execution (1)
    Image File Execution Options Injection (1)
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Event Triggered Execution (1)
    Image File Execution Options Injection (1)