General

  • Target

    711486a19e8b011528dee34a5d25776e_JaffaCakes118

  • Size

    140KB

  • Sample

    241023-2a24vavamm

  • MD5

    711486a19e8b011528dee34a5d25776e

  • SHA1

    7e131940fce4d157d0a338b8285e8e2298e8677d

  • SHA256

    880823dd9df0ca6047cd829a1031e8a167ccec0629fdeac40a097dd555debf7c

  • SHA512

    9213dc1b1ab70e6672e6bef43a50125e7752de303ddbdbfc5b395f3b228363dd57c036befb21c83945207954575b90021af0d4e1f6872253c20475f3dbc4e894

  • SSDEEP

    1536:rcQx/fZwezQjUho9JdZ582xHcocSVwVcl:IA/RwecEo9JdZ5rxvdVqY

Malware Config

Targets

    • Target

      711486a19e8b011528dee34a5d25776e_JaffaCakes118

    • Size

      140KB

    • MD5

      711486a19e8b011528dee34a5d25776e

    • SHA1

      7e131940fce4d157d0a338b8285e8e2298e8677d

    • SHA256

      880823dd9df0ca6047cd829a1031e8a167ccec0629fdeac40a097dd555debf7c

    • SHA512

      9213dc1b1ab70e6672e6bef43a50125e7752de303ddbdbfc5b395f3b228363dd57c036befb21c83945207954575b90021af0d4e1f6872253c20475f3dbc4e894

    • SSDEEP

      1536:rcQx/fZwezQjUho9JdZ582xHcocSVwVcl:IA/RwecEo9JdZ5rxvdVqY

    • Modifies WinLogon for persistence

    • Disables Task Manager via registry modification

    • Drops desktop.ini file(s)

    • Sets desktop wallpaper using registry

MITRE ATT&CK Enterprise v15

Tasks