General

  • Target

    b8d51e9728f4e520e7af3c096a97fe0c_JaffaCakes118

  • Size

    2.9MB

  • Sample

    240404-p47vzagc8v

  • MD5

    b8d51e9728f4e520e7af3c096a97fe0c

  • SHA1

    a835305645ddeba800045294b4f8f8c1772fe03f

  • SHA256

    2e1304dc9b50efc032ba6e9f4e704af0991433e271c633447731bc5255255275

  • SHA512

    3d61ef876b08cd320f880db5e0f36153324c71b34d4be08500b3f42bb17e6268f468661034a3be9d869681d1efd4235f87b0558444ef93248c729d4c10c432d4

  • SSDEEP

    49152:dFjCK+RIzGIabH+LJHYl9QoIL0hWzYg3r+NcurRZ2gAIZCfEKYwkBETj4OGCCMBJ:dFGKCIS7oJHR4g3rPuredIZCfEKYwOEh

Score
8/10

Malware Config

Targets

    • Target

      b8d51e9728f4e520e7af3c096a97fe0c_JaffaCakes118

    • Size

      2.9MB

    Score
    8/10
    • Blocklisted process makes network request

    • Creates new service(s)

    • Stops running service(s)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks