General
-
Target
c25e149b6ccc97dd6f46d848dd565933_JaffaCakes118
-
Size
340KB
-
Sample
240826-f58zzsyfrp
-
MD5
c25e149b6ccc97dd6f46d848dd565933
-
SHA1
b1c3acceeb8d4943b076e4bc2de35602594459f2
-
SHA256
a50e330055fa31b4c20ab1ebccaf023e8365528beaa6d879a51c23ed9ddbabfa
-
SHA512
74d2a281fa6af8cca386b5736d77a7a408f5f3a69527aca0637ff3a075fb4ffaceef74541d6ee25f6a9c5e724e2f8e24f69de15352858c552cdf291bca38e838
-
SSDEEP
6144:w5tHzLcSj5PSXyggMfOLRTYO+9wTLfdvyhEwFUsjRLTt+/sPJ6:EFhgh2R8O+yFqpLh+qJ6
Malware Config
Targets
-
-
Target
c25e149b6ccc97dd6f46d848dd565933_JaffaCakes118
-
Size
340KB
-
MD5
c25e149b6ccc97dd6f46d848dd565933
-
SHA1
b1c3acceeb8d4943b076e4bc2de35602594459f2
-
SHA256
a50e330055fa31b4c20ab1ebccaf023e8365528beaa6d879a51c23ed9ddbabfa
-
SHA512
74d2a281fa6af8cca386b5736d77a7a408f5f3a69527aca0637ff3a075fb4ffaceef74541d6ee25f6a9c5e724e2f8e24f69de15352858c552cdf291bca38e838
-
SSDEEP
6144:w5tHzLcSj5PSXyggMfOLRTYO+9wTLfdvyhEwFUsjRLTt+/sPJ6:EFhgh2R8O+yFqpLh+qJ6
Score10/10-
Windows security bypass
-
Disables taskbar notifications via registry modification
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Windows security modification
-
Adds Run key to start application
-