General
-
Target
d0255a0b4e468f709c8a8673a1d49035_JaffaCakes118
-
Size
284KB
-
Sample
240906-wnp4js1brf
-
MD5
d0255a0b4e468f709c8a8673a1d49035
-
SHA1
2976712f82b93600921811f59f7cbea17a7a9601
-
SHA256
2cf948d90f2971e902a2294ae324a23ae1556644ed9ecd463bda41d6f9a7c2db
-
SHA512
00f93ffbf2ae10c4dfdf74ccc1771b539e0246215cd2805afaf7122eb644bb07a0cf7846dadcd93a7ca361d02f815f0ccbfbceb86fe045e122fac51c85ed6047
-
SSDEEP
3072:tXbmAgiyC6T8fGJKTtSBKVEHRuoj3Y1BywfD4uwStjAjTUKITcFUeCfx6CZMxqCo:36YLcBKiYfDRwStjgQLc6eBSqSOXoqQ
Static task
static1
Behavioral task
behavioral1
Sample
d0255a0b4e468f709c8a8673a1d49035_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
d0255a0b4e468f709c8a8673a1d49035_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
d0255a0b4e468f709c8a8673a1d49035_JaffaCakes118
-
Size
284KB
-
MD5
d0255a0b4e468f709c8a8673a1d49035
-
SHA1
2976712f82b93600921811f59f7cbea17a7a9601
-
SHA256
2cf948d90f2971e902a2294ae324a23ae1556644ed9ecd463bda41d6f9a7c2db
-
SHA512
00f93ffbf2ae10c4dfdf74ccc1771b539e0246215cd2805afaf7122eb644bb07a0cf7846dadcd93a7ca361d02f815f0ccbfbceb86fe045e122fac51c85ed6047
-
SSDEEP
3072:tXbmAgiyC6T8fGJKTtSBKVEHRuoj3Y1BywfD4uwStjAjTUKITcFUeCfx6CZMxqCo:36YLcBKiYfDRwStjgQLc6eBSqSOXoqQ
Score8/10-
Boot or Logon Autostart Execution: Port Monitors
Adversaries may use port monitors to run an adversary supplied DLL during system boot for persistence or privilege escalation.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Remote Services: SMB/Windows Admin Shares
Adversaries may use Valid Accounts to interact with a remote network share using Server Message Block (SMB).
-
Drops file in System32 directory
-