General
Target: 8a86419f41fe9b0bfb0f40807264181c_JaffaCakes118
Size: 1.8MB
Sample: 240811-qnckka1elp
MD5: 8a86419f41fe9b0bfb0f40807264181c
SHA1: 0877dcc4d5ba867be7b075fa9e2dc979d4cf32c4
SHA256: 400f4995e09e1afc10e2227fde39d3d406586362f8164a1019f7cbdf396f0704
SHA512: 08058efb94a846d34d7b406d227e3447fec2dfb0d913b8f9de8e1ceee3a60a801e1c48c2099b18a4efdb937fabe1ff80ed2f35dfa950a5d338958e19a46299c4
SSDEEP: 49152:J67/UHBEgzVdyD8WpOEZKFHaMJzIx8IUSe61/:kXgzVd68qzY8v1/
Static task: static1
Behavioral task: behavioral1
  Sample: 8a86419f41fe9b0bfb0f40807264181c_JaffaCakes118.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 8a86419f41fe9b0bfb0f40807264181c_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
Malware Config
Targets
Modifies Windows Firewall
Adds Run key to start application
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (1)
    Windows Service (1)
  Event Triggered Execution (1)
    Netsh Helper DLL (1)
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (1)
    Windows Service (1)
  Event Triggered Execution (1)
    Netsh Helper DLL (1)
Defense Evasion
  Impair Defenses (1)
    Disable or Modify System Firewall (1)
  Modify Registry (2)