General

  • Target

    e3c7037311eb376eeb78e5d6a43a385f_JaffaCakes118

  • Size

    160KB

  • Sample

    240407-b42r3ahe9v

  • MD5

    e3c7037311eb376eeb78e5d6a43a385f

  • SHA1

    ed9ae296bf9db3f39aa077c905216b4bbb686489

  • SHA256

    5653342122b901120c025ec73a00cd04285f43f4d05e7252a198bcbfb1d8c025

  • SHA512

    42024d6389d5f739cd56a73dd9abf9755f51b0a0d908ad0893f81d5ca01c895ec8e0a46662f4085e2f97b83314b306f0f578bc409b4761aeaf70a1573231719f

  • SSDEEP

    1536:OEY+mFM2HXKZgi0Iksu+XM5/HtAQ9J6xph:FY+4MiIkLZJNAQ9J6v

Targets

    • Target

      e3c7037311eb376eeb78e5d6a43a385f_JaffaCakes118

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application
