General
-
Target
24485d5c27241481e0c96874467a1e8e_JaffaCakes118
-
Size
283KB
-
Sample
240704-cmvg4a1crd
-
MD5
24485d5c27241481e0c96874467a1e8e
-
SHA1
7f9104e8f059f10fb73ba4477c4959a344097d67
-
SHA256
38f06a406ea2c30b84d8c5ecdc9713ec188f26ee9e215a1cdcd4d9b61b46b031
-
SHA512
fead27e1d068d6206a790f3567835fb62d9fa9d53f67b4fbeb72c9d1e57f9a9248950a93568fc4df9d22892192b2cd0de0ccc56c7053d2f9b44f4fa1ee69adae
-
SSDEEP
6144:896rX1EXSopNBF0BB2LceVV2LRENC/KkFCL4d6QuJVwGUFke:uWEXSopNBFow9mLRPKkALVduF
Static task
static1
Behavioral task
behavioral1
Sample
24485d5c27241481e0c96874467a1e8e_JaffaCakes118.exe
Resource
win7-20240611-en
Malware Config
Targets
-
-
Target
24485d5c27241481e0c96874467a1e8e_JaffaCakes118
-
Modifies security service
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Disables taskbar notifications via registry modification
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 2
Registry Run Keys / Startup Folder: 1
Active Setup: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 2
Registry Run Keys / Startup Folder: 1
Active Setup: 1