General

  • Target

    e61c0733eec554b44a88b45bf4255965_JaffaCakes118

  • Size

    78KB

  • Sample

    240407-3f1zeahh64

  • MD5

    e61c0733eec554b44a88b45bf4255965

  • SHA1

    c06333f19c93b928ebdc9abfbd8e6003dcc03707

  • SHA256

    351478e0165f7dd0c041d73b2163a3cbeb33306f93ef9362b6aa605c586c9c75

  • SHA512

    15c0557a4564ca8870d3f745e717c7fc1c5d1904a46ba39fdb81674cf89db2462369d9f658531d3488fc665c0653a925d79bac87fae8fc9083b329c2e4714d8c

  • SSDEEP

    1536:n5jSLLT8hn2Ep7WzPdVj6Ju8B3AZ242UdIAkD4x3HT4hPVoYdVQti6q9/s1pH:n5jS3E2EwR4uY41HyvYy9/k

Targets

    • Target

      e61c0733eec554b44a88b45bf4255965_JaffaCakes118

    • Size

      78KB

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
