General
-
Target
JaffaCakes118_d248af12b5a9f5a0f1622b3504caf1b5
-
Size
860KB
-
Sample
250119-y7d7hatrb1
-
MD5
d248af12b5a9f5a0f1622b3504caf1b5
-
SHA1
5d5601e864a8f712cb83de1ae96798fe627b1574
-
SHA256
188245ca88ac8fdb78f3675790553de5b8cfb3234022c882c4d6f98b4accabfd
-
SHA512
cf475fd2b479dd0aa3d68b727dedf4070915212ec79ae230d8d16e0f5cdfc71eac3a7395324e83b8d394133004ac09d9def8c63df5c729e23b40d825f40561ec
-
SSDEEP
12288:LmVAwSQQYzBqeOYAR0XL1G8wAJm9aLlnXhk+4COLvZhNH4erI92AtHYhJwMxWkEa:l1QBS00tJQ9fg2nH0Jx2RvQN4je3d6R
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_d248af12b5a9f5a0f1622b3504caf1b5.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
JaffaCakes118_d248af12b5a9f5a0f1622b3504caf1b5.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Credentials from Password Stores: Windows Credential Manager
Suspicious access to Credentials History.
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution: 1
    Registry Run Keys / Startup Folder: 1
Credential Access
  Credentials from Password Stores: 2
    Credentials from Web Browsers: 1
    Windows Credential Manager: 1
  Unsecured Credentials: 2
    Credentials In Files: 1
    Credentials in Registry: 1