General

  • Target

    f0bcd93fdef5e51a1186585f8a870bf6_JaffaCakes118

  • Size

    393KB

  • Sample

    240415-lflq2sdd8y

  • MD5

    f0bcd93fdef5e51a1186585f8a870bf6

  • SHA1

    2f75991d0074a9eb620e46cd267baada53e4aa68

  • SHA256

    8542afdaad8d127ed04e434de827844508fb8845106879019799a4789011a86b

  • SHA512

    bd7efdda4b356e35cbb0a58eb9fa91f7b8d6e9ec76b87e7faf00d4ea523d85703852fce2ad07046223a01014b981d3bdf77696702c88248e4fa9e7ca4394f517

  • SSDEEP

    12288:19OlWFveaetDwRo84JaJia2u6eE9OMwUO8APmO7ANXOu:qlAve4epu6J9OMTOnPaN+u

Targets

    • Target

      f0bcd93fdef5e51a1186585f8a870bf6_JaffaCakes118

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Drops file in System32 directory
