General
-
Target
27df4f44a449a803adcc42b7f9a93f6e_JaffaCakes118
-
Size
1.8MB
-
Sample
240706-j7jpnavbpf
-
MD5
27df4f44a449a803adcc42b7f9a93f6e
-
SHA1
46033a6e55cf2172e099e8df4ca4f9c7514c23c9
-
SHA256
6f5274360b080f669d29d5e60373c7f80612595fbfd1257cde5ac4b346a7fb1a
-
SHA512
dc2d150df2806c5aff6279674459264d2a674e5d0d460f60832cc7c31b870bbc083ae41ff1c8acdfdc356127f3337b84fa57290d0d400eb140ca03ed4c0938ba
-
SSDEEP
12288:gOuZOaruLYAxf4546zcOuZOaruLYAxf4546zcOuZOaruLYAxf4546zcOuZOaruL0:obcYs40bcYs40bcYs40bcYs40bcYs44B
Behavioral task
behavioral1
Sample
27df4f44a449a803adcc42b7f9a93f6e_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
27df4f44a449a803adcc42b7f9a93f6e_JaffaCakes118.exe
Resource
win10v2004-20240704-en
Malware Config
Targets
Target
27df4f44a449a803adcc42b7f9a93f6e_JaffaCakes118
Score
10/10
-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Event Triggered Execution: Image File Execution Options Injection
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
Image File Execution Options Injection: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
Image File Execution Options Injection: 1