General
-
Target
292aafc2e1363ff4d5b3d60974171d48_JaffaCakes118
-
Size
2.7MB
-
Sample
240706-w2a7js1eqa
-
MD5
292aafc2e1363ff4d5b3d60974171d48
-
SHA1
7058f2a657a4dbe2baca9bcd5dcaf52cad110ea2
-
SHA256
a040a420de84605dfe134af97cee6d22d72556ec6d61598684c27dd3c1515558
-
SHA512
1f8e278f37bedd5a7747dd3ce4f899a8eee3ef5c0fc3e1915ba48759571ce22f644a826ecb99d20339897591e0262090042c0da9b8c21f3aa2d12dd7a561da20
-
SSDEEP
49152:QuAD7NrMn9g5tszlA7nZpfzLpm5Jqg1s2mho7KRI:QR7NrDtu4m5jaUK
Static task
static1
Behavioral task
behavioral1
Sample
292aafc2e1363ff4d5b3d60974171d48_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
292aafc2e1363ff4d5b3d60974171d48_JaffaCakes118.exe
Resource
win10v2004-20240704-en
Malware Config
Targets
-
-
Target
292aafc2e1363ff4d5b3d60974171d48_JaffaCakes118
-
Modifies security service
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Disables taskbar notifications via registry modification
-
Drops file in Drivers directory
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Create or Modify System Process (1)
Windows Service (1)
Boot or Logon Autostart Execution (2)
Registry Run Keys / Startup Folder (1)
Active Setup (1)