General
-
Target
3e617d6d5706fb17910993a1f437bc04_JaffaCakes118
-
Size
75KB
-
Sample
241013-hjdcastekc
-
MD5
3e617d6d5706fb17910993a1f437bc04
-
SHA1
b573d03b908ad174b52fceffe2d3a916aad29b0a
-
SHA256
0aa331e059d88d0bdbfd3516bb110b2a796a9ff86e9b9c9720909c60a7609555
-
SHA512
cdfb7c1d360e1dfb67a06878227fb659da885c78e886fead1b6de7f87ba551e5befa3e13eabd867e4ef0f0536f0d049c7ac8c08fd9b9d8b0d26f8f253aba02fe
-
SSDEEP
1536:QwDZWlNkY/NAfAb42LniOeGoTV8H1O+kXSQbAVQjg:Qw1WlVCRgeF8VIX0t
Behavioral task
behavioral1
Sample
3e617d6d5706fb17910993a1f437bc04_JaffaCakes118.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
3e617d6d5706fb17910993a1f437bc04_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
3e617d6d5706fb17910993a1f437bc04_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Event Triggered Execution: Image File Execution Options Injection
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Persistence
Event Triggered Execution (2)
Change Default File Association (1)
Image File Execution Options Injection (1)
Privilege Escalation
Event Triggered Execution (2)
Change Default File Association (1)
Image File Execution Options Injection (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)