General

  • Target

    f06a37081157af03b1f89ebd3c7bef91_JaffaCakes118

  • Size

    23KB

  • Sample

    240415-f35vjsff74

  • MD5

    f06a37081157af03b1f89ebd3c7bef91

  • SHA1

    8eb9e96d13b3a5395144c5fed2a7c90efd9dd23c

  • SHA256

    def88cd2ce3ab3e358aa9f6cb73e5eef7de3c753c2b1b3bac6269ec19fbf288c

  • SHA512

    45d65d832a7b9a4fd3ff9786f098f63f89e7e4120e3eee234ef39e3e41334a1788737650b5446839678fb3e6f6ba08fe44b7e34d6b0bec6d6c177f3983f0ac6a

  • SSDEEP

    384:BZE930gZIYzMBGw69rAiXZnRS3VqzUJ3/K20XlAVnzyhO2A2mPWz:BiSgZh7FAihRSoYJ50X82hO2AHP

Malware Config

Targets

    • Target

      f06a37081157af03b1f89ebd3c7bef91_JaffaCakes118

    • Size

      23KB

    • MD5

      f06a37081157af03b1f89ebd3c7bef91

    • SHA1

      8eb9e96d13b3a5395144c5fed2a7c90efd9dd23c

    • SHA256

      def88cd2ce3ab3e358aa9f6cb73e5eef7de3c753c2b1b3bac6269ec19fbf288c

    • SHA512

      45d65d832a7b9a4fd3ff9786f098f63f89e7e4120e3eee234ef39e3e41334a1788737650b5446839678fb3e6f6ba08fe44b7e34d6b0bec6d6c177f3983f0ac6a

    • SSDEEP

      384:BZE930gZIYzMBGw69rAiXZnRS3VqzUJ3/K20XlAVnzyhO2A2mPWz:BiSgZh7FAihRSoYJ50X82hO2AHP

    • Adds policy Run key to start application

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

MITRE ATT&CK Enterprise v15

Tasks