General
-
Target
ac7558c0206464e1906660214b7cec90_JaffaCakes118
-
Size
77KB
-
Sample
240819-y76xhstgna
-
MD5
ac7558c0206464e1906660214b7cec90
-
SHA1
950ef5624113af1950e44d7d3bf27aa9bf145ac9
-
SHA256
cbbbc306cccd22e4e54eaa3c419862473858ed2026793301ae6fb95a9f2d580f
-
SHA512
baa5d1f3fd0010034db6fe43d1db7e0b7c988bb7caa48bc3689cc1ad98e0a81fe70194d98e8110e5fe8867f2b3b55ebe9862485095b3b2b3390e787a2edecefe
-
SSDEEP
1536:U4yRbnrdKOyyyQKv5nz2KGqdmz4hylU6T6FmENQn:U16OpyQK5nBGlshylU6T6AEen
Static task
static1
Behavioral task
behavioral1
Sample
ac7558c0206464e1906660214b7cec90_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
ac7558c0206464e1906660214b7cec90_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
ac7558c0206464e1906660214b7cec90_JaffaCakes118
-
Size
77KB
-
MD5
ac7558c0206464e1906660214b7cec90
-
SHA1
950ef5624113af1950e44d7d3bf27aa9bf145ac9
-
SHA256
cbbbc306cccd22e4e54eaa3c419862473858ed2026793301ae6fb95a9f2d580f
-
SHA512
baa5d1f3fd0010034db6fe43d1db7e0b7c988bb7caa48bc3689cc1ad98e0a81fe70194d98e8110e5fe8867f2b3b55ebe9862485095b3b2b3390e787a2edecefe
-
SSDEEP
1536:U4yRbnrdKOyyyQKv5nz2KGqdmz4hylU6T6FmENQn:U16OpyQK5nBGlshylU6T6AEen
Score8/10-
Adds policy Run key to start application
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Modifies WinLogon
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1