General
-
Target
4b177dbe3193c9a86a8d2e1e93e55f32_JaffaCakes118
-
Size
636KB
-
Sample
241016-c9186ayfkg
-
MD5
4b177dbe3193c9a86a8d2e1e93e55f32
-
SHA1
bab42e0e5e5cbf36a377b46904ff33e514f4c372
-
SHA256
b0779958efbcdd83f4e988345865e8311a6999a0190290a638303b9ecaf8019c
-
SHA512
cab7b4cdaf7f3771c966850b636a1f78a2cb9e3a3f818c5b884c69dab7e3568434b27896df9e46966135ae699f73810809fac946c41e9ff0f17079b4e8e8ecfd
-
SSDEEP
12288:gmFhr395JN/RHya7lDSyQIOBA5AmyG3sOOmUzCoS1vsIfjm:gIhfb/RSaxD5/OBA5AmyQsOtUmHlfj
Static task
static1
Behavioral task
behavioral1
Sample
4b177dbe3193c9a86a8d2e1e93e55f32_JaffaCakes118.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
4b177dbe3193c9a86a8d2e1e93e55f32_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
4b177dbe3193c9a86a8d2e1e93e55f32_JaffaCakes118
-
Credentials from Password Stores: Windows Credential Manager
Suspicious access to Credentials History.
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Credential Access
Credentials from Password Stores (2)
Credentials from Web Browsers (1)
Windows Credential Manager (1)
Unsecured Credentials (1)
Credentials In Files (1)