General
-
Target
289113d7ce5619c9df9a1a84a1334091_JaffaCakes118
-
Size
278KB
-
Sample
240706-sa9dgstgrf
-
MD5
289113d7ce5619c9df9a1a84a1334091
-
SHA1
80d2f6a4b0515dd96bfbbdac099a2a43402ab771
-
SHA256
50efb7da2a37b3d3f2405c902447dad54665a74b178a860485830eb4f2c1238b
-
SHA512
a43e32c5a4accc4a20c43b412fda28ab271e824facf294d2d6a18fd67577004c895e497596deb187f635da0a72ce4f6b9fdefc7d548e999b62f1954b95771022
-
SSDEEP
6144:eBRnldVKx9TuNZouuIqhsWToQW1L0YGFVW0M8VXNcZP:wldV6TK6FImsVQWRaFM0TVXC
Static task
static1
Behavioral task
behavioral1
Sample
289113d7ce5619c9df9a1a84a1334091_JaffaCakes118.exe
Resource
win7-20240704-en
Malware Config
Targets
-
-
Target
289113d7ce5619c9df9a1a84a1334091_JaffaCakes118
-
Modifies security service
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Disables taskbar notifications via registry modification
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Matrix ATT&CK v13
Persistence
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 2
Registry Run Keys / Startup Folder: 1
Active Setup: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 2
Registry Run Keys / Startup Folder: 1
Active Setup: 1