General
-
Target
JaffaCakes118_64e34ad1bd9dcff0734761d0dfe2dab1
-
Size
858KB
-
Sample
250115-3nkbma1nhr
-
MD5
64e34ad1bd9dcff0734761d0dfe2dab1
-
SHA1
7c92b3df0ecfa87fbd62d15cb1a11f71f4485060
-
SHA256
72a679c8f76640618e4ca7b71cf49e0e31b9de43426ad3dc5f99a9bf7b2c5190
-
SHA512
76f51986818f8b09c40762e48bbea35698a68af10a71fdb7c5c40a2e09bf1da0dc30ffd2398508eec4464fa57d99c990fe1c5d397def78fe13e36be163af879b
-
SSDEEP
24576:HwagPnOWuTCV/UTRWfZpFe1JYyt3vZ+iKIVnpuF:ng/OWu+VMTRuZpIrvZ+qW
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_64e34ad1bd9dcff0734761d0dfe2dab1.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
JaffaCakes118_64e34ad1bd9dcff0734761d0dfe2dab1.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Credentials from Password Stores: Windows Credential Manager
Suspicious access to Credentials History.
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Credential Access
Credentials from Password Stores (2)
Credentials from Web Browsers (1)
Windows Credential Manager (1)
Unsecured Credentials (2)
Credentials In Files (1)
Credentials in Registry (1)