General
- Target: 7f1d35025652c22b4d7a2b559b80383b_JaffaCakes118
- Size: 244KB
- Sample: 241030-n4vpzatraq
- MD5: 7f1d35025652c22b4d7a2b559b80383b
- SHA1: c1d2317376d9808bf3d79f479ac4e7d9a5a14ac0
- SHA256: e386dc700e326b08c1a51774e08fc210eff31788a1d081b66643d3f0476c0189
- SHA512: 8ce623ae5c07c56e8b9c1d56a2184d07ef46161346edc7c729f22a7392b04d742e18c8838c2be3991483a8935b5503f68d62730f12e4f2fe5daaa82e38835083
- SSDEEP: 6144:gLPGV/wROCiaSltwmr1P0KmwHn8LxtH7vjOaYDovbk:DV/wROCiaSltwOP0KL8Lxtbj0Do
Static task: static1
Behavioral task: behavioral1
- Sample: 7f1d35025652c22b4d7a2b559b80383b_JaffaCakes118.exe
- Resource: win7-20240903-en
Behavioral task: behavioral2
- Sample: 7f1d35025652c22b4d7a2b559b80383b_JaffaCakes118.exe
- Resource: win10v2004-20241007-en
Malware Config
Targets
- Target: 7f1d35025652c22b4d7a2b559b80383b_JaffaCakes118
- Server Software Component: Terminal Services DLL
- Executes dropped EXE
- Impair Defenses: Safe Mode Boot
- Loads dropped DLL
- Adds Run key to start application
- Drops file in System32 directory