General
Target: 43a26f6f209785c81e6b1e371fbb8ec7_JaffaCakes118
Size: 1014KB
Sample: 240713-2lspjszflp
MD5: 43a26f6f209785c81e6b1e371fbb8ec7
SHA1: 2fc71f5205ac6892ccb5472bb3061182873eef61
SHA256: b3a5ac256367609f705111108b81ae450d7f393bb58eb54f4066334f25d6712b
SHA512: b3e72dd11078fbb4b8c370021f46e13c5f82a5aa9b19b2bc05c18b5f938e9d693742758fbdba902e1b7ddc8452798b8ba512736f1f4ffd2b3d950632338ce0d6
SSDEEP: 12288:gOZerQZb+md4w1UAUO6OB07OB0r2iYF+dnK2:LerQZb+md4wmAUOaOM2iVdK2
Behavioral task: behavioral1
Sample: 43a26f6f209785c81e6b1e371fbb8ec7_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 43a26f6f209785c81e6b1e371fbb8ec7_JaffaCakes118.exe
Resource: win10v2004-20240709-en
Malware Config
Targets
Target: 43a26f6f209785c81e6b1e371fbb8ec7_JaffaCakes118
Score: 10/10
Modifies visibility of file extensions in Explorer
Blocks application from running via registry modification: Adds application to list of disallowed applications.
Event Triggered Execution: Image File Execution Options Injection
Executes dropped EXE
Loads dropped DLL
Drops autorun.inf file: Malware can abuse Windows Autorun to spread further via attached volumes.
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
  Create or Modify System Process (1)
    Windows Service (1)
  Event Triggered Execution (1)
    Image File Execution Options Injection (1)
Privilege Escalation
  Create or Modify System Process (1)
    Windows Service (1)
  Event Triggered Execution (1)
    Image File Execution Options Injection (1)