General

  • Target

    f1e9344c3625065acdad8455f63fc8db_JaffaCakes118

  • Size

    19KB

  • Sample

    240415-zsl48sac9z

  • MD5

    f1e9344c3625065acdad8455f63fc8db

  • SHA1

    9b2b2a98450d0d8c1328ad477d0b1ead74f2d72b

  • SHA256

    7b630ac5802f92e3e9b926950fa3d5c7943fc7e83614f5a7a88de49d383664a2

  • SHA512

    d642ccace2136039b0d1f6c462a2ca06b4e038a955868b915c4dd18ac41bd41af6ef22ae491698403a7de49acfe6ba94d202bb788c9fa59fdd14153ce6dfd1bc

  • SSDEEP

    384:yHDob3+tZMAwq7+dmVNNX89yXodDrmaNJawcudoD7UJ:AJFTaENX8sgrHnbcuyD7U

Targets

    • Adds policy Run key to start application

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.
