General
-
Target
1753e5c51e39ae8b979d2b7ce213a446_JaffaCakes118
-
Size
804KB
-
Sample
240627-ypeejszflm
-
MD5
1753e5c51e39ae8b979d2b7ce213a446
-
SHA1
52e63b19aee9ba61c753593b0089cc6e352bf5cc
-
SHA256
c3bab0f648527f6f1ce39bd437ca304d57264c4d45dd2bddef79f39be956640e
-
SHA512
879ec0e1b861b574062d20d5aa9be06020870103c86c932a014826882c9ba48443142cc660630fd8da467c8470a6cf4d59d70e6fb2c6767898a5199c328368d0
-
SSDEEP
12288:bK1q+iF0S+Xi+FSiSFVpIfi7CQc8FTnE97SFdmFnItdDlM2j:bICmS+XNF3aEsCQc8CSDo0dj
Static task
static1
Behavioral task
behavioral1
Sample
1753e5c51e39ae8b979d2b7ce213a446_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
1753e5c51e39ae8b979d2b7ce213a446_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Target
1753e5c51e39ae8b979d2b7ce213a446_JaffaCakes118
-
Score
10/10
-
Modifies WinLogon for persistence
-
Executes dropped EXE
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-