General
-
Target
7f044c12ec9e3d8be0f225b01c58ab1f_JaffaCakes118
-
Size
18KB
-
Sample
241030-nh3tfstnap
-
MD5
7f044c12ec9e3d8be0f225b01c58ab1f
-
SHA1
a9f6a0a6458ee7a39df7de6fbe1f57438085ece4
-
SHA256
df02e376bbc7e3418947b20c93a0905ca6baa0f6dd1c90d20857888d7391c6c3
-
SHA512
b35a18b0f39637efb634a3aa75e467a96e46b7a90fdc8909cff0a098cc19c351dbc9993f6faa5fcadc1363bce08043fc5d4e1884047021365980535b6e78236b
-
SSDEEP
384:AMOCn9T8qcUiPhuEkG1x2ajKuAuqMintR30J/v:A6TFcTPhuENjhjDAuqM+tVO
Static task
static1
Behavioral task
behavioral1
Sample
7f044c12ec9e3d8be0f225b01c58ab1f_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
7f044c12ec9e3d8be0f225b01c58ab1f_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
7f044c12ec9e3d8be0f225b01c58ab1f_JaffaCakes118
-
Size
18KB
-
MD5
7f044c12ec9e3d8be0f225b01c58ab1f
-
SHA1
a9f6a0a6458ee7a39df7de6fbe1f57438085ece4
-
SHA256
df02e376bbc7e3418947b20c93a0905ca6baa0f6dd1c90d20857888d7391c6c3
-
SHA512
b35a18b0f39637efb634a3aa75e467a96e46b7a90fdc8909cff0a098cc19c351dbc9993f6faa5fcadc1363bce08043fc5d4e1884047021365980535b6e78236b
-
SSDEEP
384:AMOCn9T8qcUiPhuEkG1x2ajKuAuqMintR30J/v:A6TFcTPhuENjhjDAuqM+tVO
-
Drops file in Drivers directory
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Deletes itself
-
Loads dropped DLL
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-
Drops file in System32 directory
-