General
-
Target
1b9aac91eee54cffc5e27c374a11a99b_JaffaCakes118
-
Size
5.9MB
-
Sample
241007-fl9geaxcjl
-
MD5
1b9aac91eee54cffc5e27c374a11a99b
-
SHA1
dcadbc0f895816c6c403f06b3f8e12f279a6cf7c
-
SHA256
fb76a02ffa6e3ef8c141e7994f808e76013e4e39f03a2c2f4cffeec8fcbd6e45
-
SHA512
19bc82314eed220bb34c0d467185fec9ed5cda022f9efe05e56acad7bdecd33b4e3013317707911e645df44bd6c412fd1fc16dc6261ee2c7cc2dd0f747eaf36f
-
SSDEEP
98304:i5rnFM6H/8YUSGQEXg805FqDDeqTeN3q7mKm8etA4HtcYK8iDhHmTZSruagajd:AzFMw/8YU7caPeqs3ZVAJYKJNGSuagap
Static task
static1
Behavioral task
behavioral1
Sample
1b9aac91eee54cffc5e27c374a11a99b_JaffaCakes118.msi
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
1b9aac91eee54cffc5e27c374a11a99b_JaffaCakes118.msi
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
1b9aac91eee54cffc5e27c374a11a99b_JaffaCakes118
-
Possible privilege escalation attempt
-
Modifies file permissions
-
Blocklisted process makes network request
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
File and Directory Permissions Modification: Windows File and Directory Permissions Modification
-
MITRE ATT&CK Enterprise v15
Defense Evasion
File and Directory Permissions Modification: 2
Windows File and Directory Permissions Modification: 1
System Binary Proxy Execution: 1
Msiexec: 1