General
-
Target
a3c37c5a5b9d8c7d03dadf1f868c57d9_JaffaCakes118
-
Size
393KB
-
Sample
240817-xsrnlsvbnk
-
MD5
a3c37c5a5b9d8c7d03dadf1f868c57d9
-
SHA1
cce6a9c9e797ed506f4b45f166017f8414fff6e3
-
SHA256
ecec70da5cbcf55426ea5e22058d9db2bf2cb2a6096ffff71b0b21a142ca3217
-
SHA512
abc11d7782a6477854faed223cd0e0f9351e280a99a7e8128005443e75dde5e9c62c98d7785c3f9bd656dc48c0a548603d058b734013f35f968b5111cb7fba14
-
SSDEEP
6144:/xg7dUShNmPhlen1GJw9B1uqY1dZHhptjYUxevM79lWzuDRsxyYZvy0TDjM7Y/6M:Jg7dUmmLen1G6Lkjr7plWzuDRsVqs6To
Malware Config
Targets
-
-
Target
a3c37c5a5b9d8c7d03dadf1f868c57d9_JaffaCakes118
-
Size
393KB
-
MD5
a3c37c5a5b9d8c7d03dadf1f868c57d9
-
SHA1
cce6a9c9e797ed506f4b45f166017f8414fff6e3
-
SHA256
ecec70da5cbcf55426ea5e22058d9db2bf2cb2a6096ffff71b0b21a142ca3217
-
SHA512
abc11d7782a6477854faed223cd0e0f9351e280a99a7e8128005443e75dde5e9c62c98d7785c3f9bd656dc48c0a548603d058b734013f35f968b5111cb7fba14
-
SSDEEP
6144:/xg7dUShNmPhlen1GJw9B1uqY1dZHhptjYUxevM79lWzuDRsxyYZvy0TDjM7Y/6M:Jg7dUmmLen1G6Lkjr7plWzuDRsVqs6To
Score10/10-
Windows security bypass
-
Disables taskbar notifications via registry modification
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Windows security modification
-
Adds Run key to start application
-