General
-
Target
40f83e769127bfb27a43b5f4acd39f04_JaffaCakes118
-
Size
412KB
-
Sample
240713-klkkhatgmm
-
MD5
40f83e769127bfb27a43b5f4acd39f04
-
SHA1
27197bb97072f54223d95faaf5adcedccda4be1f
-
SHA256
eb96bbddba79a8c85b6b1694a026c9ed43b5104c925096932649de71886c8dbd
-
SHA512
5a826b2d66d0646904bacf38b5d8420013b46818cdb900e5e84bae13633af07cbc1d0b53ff3ebdec6bef9225e50e66256ffce9299e1c9fcf6ca3aee5e7414081
-
SSDEEP
12288:HvZo7fci0MpkloGj3wCwBSIWvMcjEPMp:HRoQipkloGsCwcvMcjEP
Malware Config
Targets
-
-
Target
40f83e769127bfb27a43b5f4acd39f04_JaffaCakes118
-
Size
412KB
-
MD5
40f83e769127bfb27a43b5f4acd39f04
-
SHA1
27197bb97072f54223d95faaf5adcedccda4be1f
-
SHA256
eb96bbddba79a8c85b6b1694a026c9ed43b5104c925096932649de71886c8dbd
-
SHA512
5a826b2d66d0646904bacf38b5d8420013b46818cdb900e5e84bae13633af07cbc1d0b53ff3ebdec6bef9225e50e66256ffce9299e1c9fcf6ca3aee5e7414081
-
SSDEEP
12288:HvZo7fci0MpkloGj3wCwBSIWvMcjEPMp:HRoQipkloGsCwcvMcjEP
Score10/10-
Windows security bypass
-
Disables taskbar notifications via registry modification
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Windows security modification
-
Adds Run key to start application
-