General
Target: 2a0acf5932cc1ff1c1d52be21fbc7184_JaffaCakes118
Size: 533KB
Sample: 240707-2pxgxascpd
MD5: 2a0acf5932cc1ff1c1d52be21fbc7184
SHA1: 92962756ded4eefaef1afd7ee0871e4472a09c5f
SHA256: ea68ac94f7e6b26e48414341681247aa49e75b5cc678b18a2060ebf992d4fbb2
SHA512: cede240b560a08c4e2a8c60adba648cd8619317c8a9a67cc9b883db7b6cff3321dc7e25a36f0da63da76c6fd179b67f75337adef8c0f4806ba0981614a97e705
SSDEEP: 6144:GWZfec9EbXDk6RkQKf/UOPSe570Szp3Znmy+g4IE2Ernmy+g46nmy+g4H:3ZWtI6RkaOB06arV2
Behavioral task: behavioral1
Sample: 2a0acf5932cc1ff1c1d52be21fbc7184_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 2a0acf5932cc1ff1c1d52be21fbc7184_JaffaCakes118.exe
Resource: win10v2004-20240704-en
Malware Config
Targets
Score
10/10

Modifies visibility of file extensions in Explorer

Blocks application from running via registry modification
Adds application to list of disallowed applications.

Event Triggered Execution: Image File Execution Options Injection

Executes dropped EXE

Loads dropped DLL

Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.

Drops file in System32 directory

MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
Image File Execution Options Injection (1)
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
Image File Execution Options Injection (1)