General

  • Target

    ee6bb45dd4a0cb70a5936eec95fcfa78_JaffaCakes118

  • Size

    2.9MB

  • Sample

    240920-zw448ayapk

  • MD5

    ee6bb45dd4a0cb70a5936eec95fcfa78

  • SHA1

    50f241ef1f63749d0fd2756ca9736f9c5434aa31

  • SHA256

    0291edf93d27bb6c8c717f62215fb629a556b2d8f08f6bda80f3b1ad42cb052b

  • SHA512

    cb769b96e75952967241e4916e3f1b6a311c59d21245a127272910ca4a3221562553372c8a1cb5d78e771e4cf9e1c571ecd4b0ccadcd0f36741ac66dc369edf2

  • SSDEEP

    24576:3uhaPOA2eZJ8NI8NahrO82R/+V8tgJd85PjypFHDUTweZhE:Yy8NK12+V8tgJd8ZjsVswF

Malware Config

Targets

    • Target

      ee6bb45dd4a0cb70a5936eec95fcfa78_JaffaCakes118

    • Disables service(s)

    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Event Triggered Execution: Image File Execution Options Injection

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • Network Share Discovery

      Attempt to gather information on host network.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
