General
-
Target
8283738ea3df02d3b1c8887ffc4ef299_JaffaCakes118
-
Size
386KB
-
Sample
241031-krhcbsvfkh
-
MD5
8283738ea3df02d3b1c8887ffc4ef299
-
SHA1
1d5b44e66d27848d0c9704bbe4956195da5f41e7
-
SHA256
c5e462636c825e608f80334a0ecf32548a0dcfcbdf3386278684d6e10335d745
-
SHA512
34e3fbbad41d1082ed4712451ea47b4982be76cc5b7ef303c27e4342bdbbedf927a98a7247fbefadfd294067d95215f17d9c4704b7a93efb7d22fe0e4a3546c5
-
SSDEEP
6144:fY3D2A35HxUMiWKUiGVGpXCZ5FbsxwQGbMjnq3VhV20DH8bIQ9PUaa2:yx3fUYjnZ5FYxc4jq3VhAmSICF
Static task
static1
Behavioral task
behavioral1
Sample
8283738ea3df02d3b1c8887ffc4ef299_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
8283738ea3df02d3b1c8887ffc4ef299_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
8283738ea3df02d3b1c8887ffc4ef299_JaffaCakes118
-
Size
386KB
-
MD5
8283738ea3df02d3b1c8887ffc4ef299
-
SHA1
1d5b44e66d27848d0c9704bbe4956195da5f41e7
-
SHA256
c5e462636c825e608f80334a0ecf32548a0dcfcbdf3386278684d6e10335d745
-
SHA512
34e3fbbad41d1082ed4712451ea47b4982be76cc5b7ef303c27e4342bdbbedf927a98a7247fbefadfd294067d95215f17d9c4704b7a93efb7d22fe0e4a3546c5
-
SSDEEP
6144:fY3D2A35HxUMiWKUiGVGpXCZ5FbsxwQGbMjnq3VhV20DH8bIQ9PUaa2:yx3fUYjnZ5FYxc4jq3VhAmSICF
Score10/10-
Modifies security service
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1