General
-
Target
7601d3389b3a80f8a30521fbd86e79a3_JaffaCakes118
-
Size
444KB
-
Sample
240726-2gam6syfrp
-
MD5
7601d3389b3a80f8a30521fbd86e79a3
-
SHA1
a64ff9d17e1148ee975ffcc66ef0c299e74885db
-
SHA256
8e6a2548f5841e4aebb708ffc66cb13661bbb095a72faf851f075d9e9009567c
-
SHA512
a5470d186aa2d36a341670b449a3d3bfa5a6493370df948680704f1a2fc32dcd04d7ce0a3dc06323fa2c9b953ed080e3e24daaa53d6d7ee1342367f23d376a32
-
SSDEEP
6144:r6dNvTF9oX2kqfq0Sql0rnuBTYWbijdiNRWZbGNA:r6jcqy0BbfgEN
Malware Config
Targets
-
-
Target
7601d3389b3a80f8a30521fbd86e79a3_JaffaCakes118
-
Size
444KB
-
MD5
7601d3389b3a80f8a30521fbd86e79a3
-
SHA1
a64ff9d17e1148ee975ffcc66ef0c299e74885db
-
SHA256
8e6a2548f5841e4aebb708ffc66cb13661bbb095a72faf851f075d9e9009567c
-
SHA512
a5470d186aa2d36a341670b449a3d3bfa5a6493370df948680704f1a2fc32dcd04d7ce0a3dc06323fa2c9b953ed080e3e24daaa53d6d7ee1342367f23d376a32
-
SSDEEP
6144:r6dNvTF9oX2kqfq0Sql0rnuBTYWbijdiNRWZbGNA:r6jcqy0BbfgEN
Score10/10-
Modifies WinLogon for persistence
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-