General
-
Target
8fbdfece2d60f122af4de782c83c7d1d_JaffaCakes118
-
Size
31KB
-
Sample
241104-hls6jayqhq
-
MD5
8fbdfece2d60f122af4de782c83c7d1d
-
SHA1
a173e2eb6c878dc88a282c70776284e71b522fa8
-
SHA256
f656513b3c8bed14ce5d97c086958a77c0e297241b4e15c88717a876e2088d85
-
SHA512
0fa11a26369b63e791b590a9a604395bf2201f5229184f34587fa1645afbf5da3e4a37c46b439fa301f991d4c53ba574d1db4468fe52e2999c55458d41576d94
-
SSDEEP
768:n0jzwKwkKMtykxLqJgt8tBlnbcuyD7UzNWGj:nlEKZ3G8pnouy85R
Static task
static1
Behavioral task
behavioral1
Sample
8fbdfece2d60f122af4de782c83c7d1d_JaffaCakes118.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
8fbdfece2d60f122af4de782c83c7d1d_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
8fbdfece2d60f122af4de782c83c7d1d_JaffaCakes118
-
Size
31KB
-
MD5
8fbdfece2d60f122af4de782c83c7d1d
-
SHA1
a173e2eb6c878dc88a282c70776284e71b522fa8
-
SHA256
f656513b3c8bed14ce5d97c086958a77c0e297241b4e15c88717a876e2088d85
-
SHA512
0fa11a26369b63e791b590a9a604395bf2201f5229184f34587fa1645afbf5da3e4a37c46b439fa301f991d4c53ba574d1db4468fe52e2999c55458d41576d94
-
SSDEEP
768:n0jzwKwkKMtykxLqJgt8tBlnbcuyD7UzNWGj:nlEKZ3G8pnouy85R
Score10/10-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
1Disable or Modify Tools
1Modify Registry
3