General
Target: 820e0a71982219ca6ec7d31e79104726_JaffaCakes118
Size: 868KB
Sample: 241031-hb6nwatndp
MD5: 820e0a71982219ca6ec7d31e79104726
SHA1: 3fc78fae6a173e288a416807af9789e8729b7502
SHA256: a7d7ba028a6515e77a978c95ced7e33f5586629aa0ce72e199584fd40a693621
SHA512: fd632d63a163a1a0b2b5d3bcd7cd80179914166eb35b20c440a5cbc66c7e0dfc37468ce7547f227c5ef9df85da4867ece0dab3528e6b122c1a136707ddd2bd1d
SSDEEP: 24576:53qesv3PYDgBV0vjJmmR7sdOpJMeeXCD7bMHAIov6:53Wv3PYDk+jJmmRiOpJdDfIn
Static task: static1
Behavioral task: behavioral1
Sample: 820e0a71982219ca6ec7d31e79104726_JaffaCakes118.exe
Resource: win7-20241023-en
Behavioral task: behavioral2
Sample: 820e0a71982219ca6ec7d31e79104726_JaffaCakes118.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 820e0a71982219ca6ec7d31e79104726_JaffaCakes118
Score: 8/10

Disables RegEdit via registry modification

Disables Task Manager via registry modification

Deletes itself

Loads dropped DLL

Modifies system executable filetype association

Adds Run key to start application

Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.

Drops file in System32 directory

MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Event Triggered Execution (1)
Change Default File Association (1)