General
-
Target
48c3369c8059bb166fa83b04ccf81209_JaffaCakes118
-
Size
637KB
-
Sample
241015-tm8s6axhql
-
MD5
48c3369c8059bb166fa83b04ccf81209
-
SHA1
732cb9d43d06915cb21b7b6d83c6ac01d10f0d18
-
SHA256
4b0894a4b56c0334e3ce6deb5851988f566c566d18f90f5ca787f1fbdf64c171
-
SHA512
c5d45082e80a6b99e19604f289e0a72801c5049f9da593fa4b80bedcefd9ea48f77f51f4ca97252c02b9adc68268073c0e7932e02c1d79290133e08bda417f7a
-
SSDEEP
12288:GzKTBwOoP9oO6ZQTjwbkJPyXpJmuIwFPzk605Aky+oklRfg1JOpA0zvZ3:uoGPyRQXkkJaXrmu05Ak6MRoXyhB
Static task
static1
Behavioral task
behavioral1
Sample
48c3369c8059bb166fa83b04ccf81209_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
48c3369c8059bb166fa83b04ccf81209_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Target
48c3369c8059bb166fa83b04ccf81209_JaffaCakes118
-
Credentials from Password Stores: Windows Credential Manager
Suspicious access to Credentials History.
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution: 1
    Registry Run Keys / Startup Folder: 1
Credential Access
  Credentials from Password Stores: 2
    Credentials from Web Browsers: 1
    Windows Credential Manager: 1
  Unsecured Credentials: 1
    Credentials In Files: 1