General

Target: 8ddd0c04cbe52f0d4438adfe40f70136_JaffaCakes118
Size: 81KB
Sample: 241103-2pzl9syrdm
MD5: 8ddd0c04cbe52f0d4438adfe40f70136
SHA1: c43760bfef203cadabfe81d7e1d5530fe5703817
SHA256: 99085fc2c2d2c821c6d099946eeb2d689219324b3c5cf7e79676875e65132066
SHA512: cd9803b0c5c865586674fc4028ce90a5fe21a33b8fb2481151c0de5b3d58894cb068eb42d3a6228d8196fddd9f2d2f8b7e3ad9f33908fda0c0235eb0664f74b6
SSDEEP: 768:bkpLA8BtBV0QJcW5wqInmNSfyvwx+BKXCJW+trdvsWCJn66kvORIF4+ZN:KkQJcqwmIfj+ECJG/kvOaF48

Static task: static1

Behavioral task: behavioral1
  Sample: 8ddd0c04cbe52f0d4438adfe40f70136_JaffaCakes118.exe
  Resource: win7-20240903-en

Behavioral task: behavioral2
  Sample: 8ddd0c04cbe52f0d4438adfe40f70136_JaffaCakes118.exe
  Resource: win10v2004-20241007-en
Malware Config

Targets

Target: 8ddd0c04cbe52f0d4438adfe40f70136_JaffaCakes118
Size: 81KB
MD5: 8ddd0c04cbe52f0d4438adfe40f70136
SHA1: c43760bfef203cadabfe81d7e1d5530fe5703817
SHA256: 99085fc2c2d2c821c6d099946eeb2d689219324b3c5cf7e79676875e65132066
SHA512: cd9803b0c5c865586674fc4028ce90a5fe21a33b8fb2481151c0de5b3d58894cb068eb42d3a6228d8196fddd9f2d2f8b7e3ad9f33908fda0c0235eb0664f74b6
SSDEEP: 768:bkpLA8BtBV0QJcW5wqInmNSfyvwx+BKXCJW+trdvsWCJn66kvORIF4+ZN:KkQJcqwmIfj+ECJG/kvOaF48
Score: 9/10

- Grants admin privileges: Uses net.exe to modify the user's privileges.
- Executes dropped EXE
- Loads dropped DLL
- Accesses Microsoft Outlook accounts
- Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
- Password Policy Discovery: Attempt to access detailed information about the password policy used within an enterprise network.
- Enumerates processes with tasklist
MITRE ATT&CK Enterprise v15 (count per technique in parentheses)

Credential Access
- Credentials from Password Stores (1)
  - Credentials from Web Browsers (1)
- Unsecured Credentials (1)
  - Credentials In Files (1)

Discovery
- Domain Trust Discovery (1)
- Network Service Discovery (1)
- Network Share Discovery (1)
- Password Policy Discovery (1)
- Peripheral Device Discovery (1)
- Permission Groups Discovery (2)
  - Domain Groups (1)
  - Local Groups (1)
- Process Discovery (1)
- Query Registry (1)
- Remote System Discovery (2)
- System Information Discovery (3)
- System Location Discovery (1)
  - System Language Discovery (1)
- System Network Configuration Discovery (1)
  - Internet Connection Discovery (1)
- System Network Connections Discovery (1)