General
Target: 99ad633f8692cf7e8ea375f7e611ca28_JaffaCakes118
Size: 6.2MB
Sample: 240815-k4weqavgla
MD5: 99ad633f8692cf7e8ea375f7e611ca28
SHA1: b8210b438244e2e620131eed938c2fac081ab342
SHA256: fc0eee220cef0c364edb4cb6ff45e12b2d3c035b2be1072c627e40c4a298ea72
SHA512: 22fcaa1888cbe60d171cd5fb14844b0f0f5f196b62d81c81c8d421fceb6ac3240738d66e3bf6d9344dea16196915b8feddf7c3e95d8c24e8cd4159b99fbfedbc
SSDEEP: 98304:XKrgt/t3w29eT/bkp7D0gF/8naV49+4z8RXNu+lZaCo4c0+gNwA8cC28rvI6s:B93a/Yp0DnU4o6ohZJpez1X
Static task: static1
Behavioral task: behavioral1
Sample: 99ad633f8692cf7e8ea375f7e611ca28_JaffaCakes118.msi
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 99ad633f8692cf7e8ea375f7e611ca28_JaffaCakes118.msi
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: 99ad633f8692cf7e8ea375f7e611ca28_JaffaCakes118
- Adds Run key to start application
- Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Event Triggered Execution (1)
    Installer Packages (1)
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Event Triggered Execution (1)
    Installer Packages (1)