General
Target: 4b30c3325df30a74100f04858201b798_JaffaCakes118
Size: 64KB
Sample: 241016-dt389azekg
MD5: 4b30c3325df30a74100f04858201b798
SHA1: 914ccffe745556ddb6ef95494b34a144cc5bb6c0
SHA256: 1ef02d760a0e201648fb359efca312fe6e99dcfc2497ebba3ac7dc5d2917b604
SHA512: 21a74a6de34ae6ffd3f0f52c4d12ef937764f21af2d05eb506d9d01ade1faf20d568f25bba8444133578e4ba834c320e54357a18510098f463f8980b2d682bb6
SSDEEP: 1536:i4ZEvFen/nOK7Ie9tTJknIFRvXr/4mnzhCzQ:i4Z8FkOKkejlTvDlzAzQ
Static task: static1
Behavioral task: behavioral1
Sample: 4b30c3325df30a74100f04858201b798_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 4b30c3325df30a74100f04858201b798_JaffaCakes118.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 4b30c3325df30a74100f04858201b798_JaffaCakes118
Credentials from Password Stores: Windows Credential Manager
Suspicious access to Credentials History.
Executes dropped EXE
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
Registry Run Keys / Startup Folder