General
-
Target
49de8a96462f2ff37acdafa40895a8f1_JaffaCakes118
-
Size
795KB
-
Sample
241015-zbnxhazcqq
-
MD5
49de8a96462f2ff37acdafa40895a8f1
-
SHA1
7ffba2fe6c539bae84332106ab4d7c4a78826a09
-
SHA256
27751bb51090ddd1428a953e75a5058311511f86e253889fee1ea2ff2a4a6eb0
-
SHA512
858b85f566b33f24ad81b83b8c141746bc1783da41c628e529f13c3d2c4ea025a5483adf8d92b8db2637f39762113c2e572cbadf9b572584aeeaaf7375173120
-
SSDEEP
24576:fVePZu1yMkQX9gi8BU6FfrcHKe9I6IJ7m2:NePohkQXOU6FDcqe91U7V
Static task
static1
Behavioral task
behavioral1
Sample
49de8a96462f2ff37acdafa40895a8f1_JaffaCakes118.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
49de8a96462f2ff37acdafa40895a8f1_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
49de8a96462f2ff37acdafa40895a8f1_JaffaCakes118
-
Credentials from Password Stores: Windows Credential Manager
Suspicious access to Credentials History.
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution: 1
    Registry Run Keys / Startup Folder: 1
Credential Access
  Credentials from Password Stores: 2
    Credentials from Web Browsers: 1
    Windows Credential Manager: 1
  Unsecured Credentials: 2
    Credentials In Files: 1
    Credentials in Registry: 1