General

  • Target

    e2b706e1e30ecf790a4281ec3c289ac5_JaffaCakes118

  • Size

    89KB

  • Sample

    240406-rhp45scf89

  • MD5

    e2b706e1e30ecf790a4281ec3c289ac5

  • SHA1

    fbe1a0b761aa7e890e0b9611480bbc88fc45d4db

  • SHA256

    51b87b68283dfb6b2ea9e37e25bb3ac0993c1f91a8a1abd078edea8dd581e94f

  • SHA512

    b0b2dc322cc8a1e700b4686a73de07f4cbe47f3bbddf511d55fb81c2313135e8f12a6762c754e97772233343a2361a77530a7fbcc019ff53098032f7957d9bdc

  • SSDEEP

    1536:FL+mFM2HXKZgiwIksu+XM5/HtAQ9JB9p03:5+4MOIkLZJNAQ9JBjq

Targets

    • Target

      e2b706e1e30ecf790a4281ec3c289ac5_JaffaCakes118

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application
