General

  • Target

    9c0f95cb306804497ca5c6bd9dbf141b_JaffaCakes118

  • Size

    160KB

  • Sample

    240403-bjscwsbc6v

  • MD5

    9c0f95cb306804497ca5c6bd9dbf141b

  • SHA1

    2f73c36bfe3de564a1d9e1eb801e38ebbac7587f

  • SHA256

    3593fadeff8a05b4b42a66dfce706866d60bc0cb2ead20f1e7b1a114a1271dda

  • SHA512

    0d53f9f6f1a48a3bd1fb6768688e3f1de814e1ed4fff835e8cdf51dbd5c6f0b388ba21aeb1a7241e21e5db1fca8ed57c54e49f31371fed452352bdb90580e2ed

  • SSDEEP

    1536:mEY+mFM2HXKZgi0Iksu+XM5/HtAQ9J6xph:NY+4MiIkLZJNAQ9J6v

Targets

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application
