General
-
Target
38111436799e609910e217cb7c2495c3_JaffaCakes118
-
Size
80KB
-
Sample
241012-c6mxcsybnd
-
MD5
38111436799e609910e217cb7c2495c3
-
SHA1
37df51e959b74baf7cea4a8e41378cdba74873c7
-
SHA256
e1fc2d041e6c402099e3fd80a7dc5792ae30926266d3454b06c07b483b0a2242
-
SHA512
dcc0ffdb4778cfdce4ddb6122671c1d7c19829e0813f298ea93e6efbe27b8b903aaa032c54c211a02dbcb5d6ccc1fe9b21b1b916690ff9b2cf7e097db5123ab4
-
SSDEEP
768:ueNOwWn/HB8HMND8DBbYxeNOwWn/HB8iaC:ueNCn/HB8HMNYDBboeNCn/HB8ir
Malware Config
Targets
-
-
Target
38111436799e609910e217cb7c2495c3_JaffaCakes118
-
Size
80KB
-
MD5
38111436799e609910e217cb7c2495c3
-
SHA1
37df51e959b74baf7cea4a8e41378cdba74873c7
-
SHA256
e1fc2d041e6c402099e3fd80a7dc5792ae30926266d3454b06c07b483b0a2242
-
SHA512
dcc0ffdb4778cfdce4ddb6122671c1d7c19829e0813f298ea93e6efbe27b8b903aaa032c54c211a02dbcb5d6ccc1fe9b21b1b916690ff9b2cf7e097db5123ab4
-
SSDEEP
768:ueNOwWn/HB8HMND8DBbYxeNOwWn/HB8iaC:ueNCn/HB8HMNYDBboeNCn/HB8ir
Score10/10-
Modifies visibility of file extensions in Explorer
-
Executes dropped EXE
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2