General

  • Target

    e521fd3eb9dc1e2175b0bb463c0f19a4_JaffaCakes118

  • Size

    131KB

  • Sample

    240407-rpzl6aeg73

  • MD5

    e521fd3eb9dc1e2175b0bb463c0f19a4

  • SHA1

    159e03f1890c477d617bd5ecb491b160707f0349

  • SHA256

    2a02bf781869047e1633483f016f23e289313ed1f286565ac7f4f19cb72c83a7

  • SHA512

    9e9c12c6ca5545d2d7adec97dc71d3dcfaf027a295d5d2c6c8eafae6f4d70b16aeb0376da96e77a1e5d925515ec2998764fb00ce79566dc35ce4042c67d21481

  • SSDEEP

    1536:ZPx+riFFG1A/m3wE/iVP9In2Zv4qjh+rmKK4cVSZj:fY8FE/MVIn2Z5jgq54c4d

Malware Config

Targets

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks