General
-
Target
843d9e903fe501b7e875674d97a03ebc_JaffaCakes118
-
Size
128KB
-
Sample
241101-hvwb9awqas
-
MD5
843d9e903fe501b7e875674d97a03ebc
-
SHA1
25a20abc2b8ea8d66f85de8fb6c28935c3cc05b0
-
SHA256
9eb3c4be7581e69b6c1bde93f3794daa1f98055a858a8d7623fbd362970c2476
-
SHA512
8fc24b3e548111f5957577360d005d6b4de28124f980e07509d0e24349593f55c692bd62bdc2aa72c23bdfdfcd307f08dacb009b8d4f754869003cbe0fdb471a
-
SSDEEP
3072:gJjG8T8mMkfpb8GmZSak5GJ/HYJokfpb8GmZSa:gM0r3f+GmZXk5I/4Jjf+GmZX
Static task
static1
Behavioral task
behavioral1
Sample
843d9e903fe501b7e875674d97a03ebc_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
843d9e903fe501b7e875674d97a03ebc_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
843d9e903fe501b7e875674d97a03ebc_JaffaCakes118
-
Credentials from Password Stores: Windows Credential Manager
Suspicious access to Credentials History.
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)