General
-
Target
ee4bbfa607cafd2f483f9ca5fd43be08_JaffaCakes118
-
Size
672KB
-
Sample
240920-yektksthqf
-
MD5
ee4bbfa607cafd2f483f9ca5fd43be08
-
SHA1
d8ea7aca847676428df5c6031a096346c15eab52
-
SHA256
d8398192701bdc50fda8a972c0bbb515d96638ccf33815f21f1db74ca39f4f93
-
SHA512
0cfaae43f6eb569876832298e4ec45034e6cd38b5a78bc40c11bb13b85fe5ac24147a4e1cdbab67b39671874af1d6be88f3b70c247f5b7819d4948326b261b34
-
SSDEEP
6144:luIL4XOrbL8uuTpsPHhhtQDdINgP2iMjz5qBHswNet4gjWlpkD51aIA:l7lr079s/hhtudFWJIHZNeygjW8D
Malware Config
Targets
-
-
Target
ee4bbfa607cafd2f483f9ca5fd43be08_JaffaCakes118
-
Size
672KB
-
MD5
ee4bbfa607cafd2f483f9ca5fd43be08
-
SHA1
d8ea7aca847676428df5c6031a096346c15eab52
-
SHA256
d8398192701bdc50fda8a972c0bbb515d96638ccf33815f21f1db74ca39f4f93
-
SHA512
0cfaae43f6eb569876832298e4ec45034e6cd38b5a78bc40c11bb13b85fe5ac24147a4e1cdbab67b39671874af1d6be88f3b70c247f5b7819d4948326b261b34
-
SSDEEP
6144:luIL4XOrbL8uuTpsPHhhtQDdINgP2iMjz5qBHswNet4gjWlpkD51aIA:l7lr079s/hhtudFWJIHZNeygjW8D
Score10/10-
Modifies WinLogon for persistence
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Drops file in System32 directory
-