General
-
Target
486fd221c26593abec3ae0a67cdf897b_JaffaCakes118
-
Size
861KB
-
Sample
241015-r9j27svcjn
-
MD5
486fd221c26593abec3ae0a67cdf897b
-
SHA1
d062d9182f7ab02a2572a8afc9b3c8b729b29bba
-
SHA256
737baceb7a8c10d9ed7bea95348a23c148eae725d056e26dc567973e1d69fb91
-
SHA512
5f25745200700f9e6a433a1b82ec20f6386c37f16a1619a510d0840d337d77605b8f85e021b3c120d112ee0b1b291ca00e974c62de454e3985fb9f387251dd75
-
SSDEEP
24576:FoR2NKhYSFC37BoK3pRsIFQ4KWBpqR17wGyQJp:OR/U2kDsIFu0ci
Static task
static1
Behavioral task
behavioral1
Sample
486fd221c26593abec3ae0a67cdf897b_JaffaCakes118.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
486fd221c26593abec3ae0a67cdf897b_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
486fd221c26593abec3ae0a67cdf897b_JaffaCakes118
-
Credentials from Password Stores: Windows Credential Manager
Suspicious access to Credentials History.
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution: 1
    Registry Run Keys / Startup Folder: 1
Credential Access
  Credentials from Password Stores: 2
    Credentials from Web Browsers: 1
    Windows Credential Manager: 1
  Unsecured Credentials: 2
    Credentials In Files: 1
    Credentials in Registry: 1