General

  • Target

    f248b1a07db8b97cf265448f8008e45c_JaffaCakes118

  • Size

    906KB

  • Sample

    240416-axxdbsed91

  • MD5

    f248b1a07db8b97cf265448f8008e45c

  • SHA1

    4d6007ef083b5c8486d3d5e211ee81d50422ef5b

  • SHA256

    35fd246518e98c54b1bed22cfde6d5450d8f9a24da7502dfcf351c8ce631c3a8

  • SHA512

    edd36d0c70adfd6a27869b5756b5bf3f92cdc72586fa85460ce0d16b9633717fc5003d5013ecb111d9f3123564bb8da3807543a8fc761f1fbd061fad06d13595

  • SSDEEP

    24576:dWwOBXr6u0jmugB4L0ZEpjl5RH4axsLN2K434:dWwOVrojZwZM5RH4axWN2K434

Malware Config

Targets

    • Target

      f248b1a07db8b97cf265448f8008e45c_JaffaCakes118

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely as a geofence check before running the payload.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with stock UPX or a modified build of the open-source UPX packer.

    • Adds Run key to start application

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules that act as plugins for Internet Explorer and are loaded into every IE process.

    • Drops file in System32 directory
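
The hashes listed under General and the "UPX packed file" signature above can both be checked on a local copy of the sample. The following is an added example and is not code from the report or from the sandbox that produced it: it computes MD5/SHA-1/SHA-256 of a file against the report's values and walks the PE section table to flag UPX-style packing. The UPX0/UPX1 section names and the "UPX!" marker are stock UPX conventions and only a heuristic; the sandbox's own signature logic is not published here. `build_minimal_pe` produces a constructed, non-executable PE header purely as test input.

```python
"""Check a file against the report's hashes and flag UPX-style packing from its PE section table."""
import hashlib
import struct

# Hashes copied from the report's General section.
REPORT_HASHES = {
    "md5": "f248b1a07db8b97cf265448f8008e45c",
    "sha1": "4d6007ef083b5c8486d3d5e211ee81d50422ef5b",
    "sha256": "35fd246518e98c54b1bed22cfde6d5450d8f9a24da7502dfcf351c8ce631c3a8",
}


def hash_sample(data: bytes) -> dict:
    """MD5/SHA-1/SHA-256 of the bytes, keyed by algorithm name."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in ("md5", "sha1", "sha256")}


def matches_report(data: bytes, report: dict = REPORT_HASHES) -> dict:
    """{algorithm: True/False} comparing each digest in `report` with the file's digest."""
    computed = hash_sample(data)
    return {algo: computed[algo] == digest.lower() for algo, digest in report.items()}


def pe_section_names(data: bytes) -> list:
    """Walk the PE section table and return the section names; [] if the bytes are not a PE image."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    coff = e_lfanew + 4                              # IMAGE_FILE_HEADER starts after the PE signature
    if coff + 20 > len(data):
        return []
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + opt_size                     # IMAGE_SECTION_HEADER[] follows the optional header
    names = []
    for i in range(num_sections):
        off = table + i * 40                         # each IMAGE_SECTION_HEADER is 40 bytes
        if off + 40 > len(data):
            break                                    # truncated table: stop rather than misparse
        names.append(data[off:off + 8].rstrip(b"\0").decode("ascii", "replace"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    """Heuristic behind a 'UPX packed file' verdict: stock UPX names its sections UPX0/UPX1 and
    leaves a 'UPX!' marker; modified builds often rename sections, so the marker is checked too.
    A build with renamed sections and the marker stripped will still evade this check."""
    if any(name.upper().startswith("UPX") for name in pe_section_names(data)):
        return True
    return b"UPX!" in data


def build_minimal_pe(section_names) -> bytes:
    """Constructed test input: a structurally valid PE32 header (not runnable) with the given sections."""
    dos_header = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", 0x40)   # e_lfanew = 0x40
    optional_header = b"\0" * 224                                       # PE32 optional header size
    coff_header = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0,
                              len(optional_header), 0x0102)
    sections = b"".join(n.encode().ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return dos_header + b"PE\0\0" + coff_header + optional_header + sections


if __name__ == "__main__":
    import sys
    # With a path argument, inspect that file; otherwise use the constructed UPX-style header.
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_minimal_pe(["UPX0", "UPX1", ".rsrc"])
    print("hash match:", matches_report(data))
    print("sections:", pe_section_names(data))
    print("UPX-like:", looks_upx_packed(data))
```

Run it with the sample path as the only argument; all three hashes must be True before any of the behaviours above are attributed to that file, since a sample with the same name but a different hash is a different build.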

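The Run-key persistence, Browser Helper Object installation, System32 drop and registry country-code lookup listed above all leave registry artifacts. The following is an added example, not code from the report or the sandbox: it parses a `.reg` export (for instance from `reg export` on the infected host) and pulls out Run values, BHO CLSIDs resolved to their DLL through `HKCR\CLSID\{clsid}\InprocServer32`, and the GeoID under `HKCU\Control Panel\International\Geo\Nation`. Those key locations are the standard Windows ones; the report does not say which values this sample actually touches, so treating `Geo\Nation` as the geofence source is an assumption. The export text, the CLSID and the file paths are constructed for the example.

```python
"""Triage a .reg export for Run-key, BHO and geofence artifacts."""
import re

# Constructed sample export: the CLSID and every path below are invented for this example.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\\Users\\user\\AppData\\Local\\Microsoft\\OneDrive\\OneDrive.exe /background"
"ExampleUpdater"="C:\\Windows\\System32\\example_dropped.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000000-0000-0000-0000-000000000001}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{00000000-0000-0000-0000-000000000001}\InprocServer32]
@="C:\\Windows\\System32\\example_bho.dll"
"ThreadingModel"="Apartment"

[HKEY_CURRENT_USER\Control Panel\International\Geo]
"Nation"="244"
'''

# Standard locations (assumption: the sample uses these, the report does not name the exact values).
RUN_KEYS = (
    r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
    r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run",
)
BHO_KEY = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"
GEO_KEY = r"HKEY_CURRENT_USER\Control Panel\International\Geo"

# "name"=value or @=value (default value); the name may contain escaped quotes.
_VALUE_RE = re.compile(r'^(?:@|"((?:[^"\\]|\\.)*)")=(.*)$')


def _unquote(raw: str) -> str:
    """Strip the quotes of a REG_SZ and undo .reg escaping (\\\\ -> \\, \\" -> ")."""
    if raw.startswith('"') and raw.endswith('"'):
        return re.sub(r'\\(.)', r'\1', raw[1:-1])
    return raw  # dword:/hex: values are kept raw


def parse_reg(text: str) -> dict:
    """Return {key (lower-cased): {value_name: value}}; the default value is stored under '@'."""
    reg, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1].lower()            # registry keys are case-insensitive
            reg.setdefault(current, {})
        elif current is not None:
            m = _VALUE_RE.match(line)
            if m:
                name = m.group(1) if m.group(1) is not None else "@"
                reg[current][name] = _unquote(m.group(2))
    return reg


def run_entries(reg: dict) -> list:
    """(key, value name, command line) for every value in the HKLM/HKCU Run keys."""
    out = []
    for key in RUN_KEYS:
        for name, cmd in reg.get(key.lower(), {}).items():
            out.append((key, name, cmd))
    return out


def bho_entries(reg: dict) -> list:
    """(CLSID, DLL path or None) for each registered BHO, resolved via HKCR\\CLSID\\{clsid}\\InprocServer32."""
    out = []
    prefix = BHO_KEY.lower() + "\\"
    for key in reg:
        if key.startswith(prefix):
            clsid = key[len(prefix):].split("\\")[0]
            inproc = reg.get("hkey_classes_root\\clsid\\" + clsid + "\\inprocserver32", {})
            out.append((clsid.upper(), inproc.get("@")))
    return out


def geo_nation(reg: dict):
    """GeoID the sample would read if it geofences on Geo\\Nation (assumed key); None if absent."""
    return reg.get(GEO_KEY.lower(), {}).get("Nation")


def system32_persistence(reg: dict) -> list:
    """Run values and BHO DLLs whose binary lives under System32, matching the report's drop location."""
    hits = []
    for _key, name, cmd in run_entries(reg):
        if "\\windows\\system32\\" in cmd.lower():
            hits.append(("run", name, cmd))
    for clsid, dll in bho_entries(reg):
        if dll and "\\windows\\system32\\" in dll.lower():
            hits.append(("bho", clsid, dll))
    return hits


if __name__ == "__main__":
    reg = parse_reg(SAMPLE_REG)
    for hit in system32_persistence(reg):
        print(hit)
    print("GeoID:", geo_nation(reg))
```

A System32 path alone is not proof of compromise (several legitimate Run values live there), so the output is a worklist for hash comparison against the report, not a verdict; the BHO resolution matters because the BHO key itself only holds the CLSID and the DLL path is only visible once HKCR is followed.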
MITRE ATT&CK Enterprise v15

Tasks