General
-
Target
2b91f2b86a7edc1d20387fcc32ebbe1d_JaffaCakes118
-
Size
76KB
-
Sample
240708-jv3l1azbrq
-
MD5
2b91f2b86a7edc1d20387fcc32ebbe1d
-
SHA1
dfd665ec9dcc568dec7d0fb3344cf41bc8826720
-
SHA256
2085b473f0db0206eb5781825c1c2be00d6f85f8789da23d496d57eb82b21852
-
SHA512
5879d64ed9bf70798a60c4a6fe49f26d6f2f5482c342f14a1d9e35817f26ed9ce9f8a734bc90d3ce271c2a2ea0581dfb5adc9fb279d42a3ef74511f567645be9
-
SSDEEP
768:fembNRqsuhlGOBrhgFwu8CbxTGy/BBGg4NKJJKqUThbJ32+ve7i40vN0TlT+Xkhw:Rnqdu3rbBGy3G8V0iuoKz
Malware Config
Targets
-
-
Target
2b91f2b86a7edc1d20387fcc32ebbe1d_JaffaCakes118
-
Size
76KB
-
MD5
2b91f2b86a7edc1d20387fcc32ebbe1d
-
SHA1
dfd665ec9dcc568dec7d0fb3344cf41bc8826720
-
SHA256
2085b473f0db0206eb5781825c1c2be00d6f85f8789da23d496d57eb82b21852
-
SHA512
5879d64ed9bf70798a60c4a6fe49f26d6f2f5482c342f14a1d9e35817f26ed9ce9f8a734bc90d3ce271c2a2ea0581dfb5adc9fb279d42a3ef74511f567645be9
-
SSDEEP
768:fembNRqsuhlGOBrhgFwu8CbxTGy/BBGg4NKJJKqUThbJ32+ve7i40vN0TlT+Xkhw:Rnqdu3rbBGy3G8V0iuoKz
Score10/10-
Modifies visibility of file extensions in Explorer
-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Change Default File Association
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Change Default File Association
1Defense Evasion
Hide Artifacts
2Hidden Files and Directories
2Modify Registry
4