General

  • Target

    f290fa7d4f9ad625b6dde6fa40beefcf_JaffaCakes118

  • Size

    21KB

  • Sample

    240416-dvd1raaa4x

  • MD5

    f290fa7d4f9ad625b6dde6fa40beefcf

  • SHA1

    45389d729537638d32ef1fdfaca92a3e1d8770c9

  • SHA256

    c4165dc36347c3222cf8d7a52e86b4b703c7d87f34b28032081d2996e92bed42

  • SHA512

    9ea947a614987f30e689a8e91d60f6f11715436f28a6a2b9ca11bd35e6d006e12b061ab97c22a2c69e182ec3c9713551028c67b4ec1c484ea19d654b518a12ca

  • SSDEEP

    384:6mtRfJ9Mfsb5yIdO3s7cP2TQV1i2j+EyNQuU0cxGssT7Yr:6mtdJ9Mf9IdPfQi2jRyM1yTk

Targets

    • Adds policy Run key to start application

      Writes an entry under Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run so the application is launched at logon. Legitimate installers rarely use this key, so any entry here is worth explaining.

    • Checks computer location settings

      Reads the country code configured in the registry (HKCU\Control Panel\International\Geo\Nation), likely used as a geofence to avoid running in certain regions.

    • Deletes itself

      Removes its own file from disk after running, a common anti-forensic step for droppers; the original 21KB sample may no longer be present on an infected host.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      The executable is packed with UPX or a modified UPX build (open-source packer); static analysis needs the unpacked image.

    • Checks installed software on the system

      Enumerates entries under the registry Uninstall key to list the software installed on the system.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules registered under Explorer\Browser Helper Objects that Internet Explorer loads as plugins into the browser process, where they can observe or modify browsing.

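The following host-triage script checks a Windows machine for the persistence and reconnaissance artifacts listed above: policy Run key entries, Browser Helper Object registrations (resolved to their DLL and hashed), and the Geo\Nation country value the sample reads. It is an added example written for this page, not sandbox output and not part of the report; the registry paths are the standard Windows locations for these artifacts, and the SHA256 constant is the sample hash from the report above.

```powershell
# Host-triage check for the artifacts this report flags: policy Run key, BHO registration,
# and the Geo\Nation country lookup. Added example for this page (not sandbox output).
# Read-only against the registry; run from an elevated PowerShell prompt on the host.

$ReportSha256 = 'c4165dc36347c3222cf8d7a52e86b4b703c7d87f34b28032081d2996e92bed42'  # sample hash from the report
$findings = New-Object System.Collections.Generic.List[object]

function Add-Finding($Type, $Key, $Name, $Value, $Sha256) {
    $findings.Add([pscustomobject]@{
        Type = $Type; Key = $Key; Name = $Name; Value = $Value; SHA256 = $Sha256
        MatchesReport = [bool]($Sha256 -and $Sha256 -eq $ReportSha256)
    })
}

# Pull the executable/DLL path out of a registry command-line value ("quoted path" or bare path).
function Resolve-ExePath($CommandLine) {
    if (-not $CommandLine) { return $null }
    $cl = $CommandLine.Trim()
    if ($cl.StartsWith('"')) { $path = $cl.Substring(1).Split('"')[0] }   # quoted path
    else { $path = $cl.Split(' ')[0] }                                      # unquoted: stop at first space
    $path = [Environment]::ExpandEnvironmentVariables($path)
    if (Test-Path -LiteralPath $path -PathType Leaf) { return $path }
    return $null
}

function Get-Sha256($Path) {
    if ($Path) { return (Get-FileHash -Algorithm SHA256 -LiteralPath $Path).Hash.ToLower() }
    return $null
}

# 1. Policies\Explorer\Run in both the machine and the current-user hive.
$policyRun = 'SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run'
foreach ($hive in 'HKLM', 'HKCU') {
    $key = "${hive}:\$policyRun"
    if (-not (Test-Path $key)) { continue }
    $props = Get-ItemProperty -Path $key
    foreach ($p in $props.PSObject.Properties) {
        if ($p.Name -match '^PS(Path|ParentPath|ChildName|Drive|Provider)$') { continue }  # provider metadata
        Add-Finding 'PolicyRunKey' $key $p.Name $p.Value (Get-Sha256 (Resolve-ExePath $p.Value))
    }
}

# 2. Browser Helper Objects: each subkey name is a CLSID; the DLL is the CLSID's
#    InprocServer32 default value. Both the native and the Wow6432Node views are checked.
$bhoRel = 'Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
foreach ($sw in 'HKLM:\SOFTWARE', 'HKLM:\SOFTWARE\Wow6432Node') {
    $key = Join-Path $sw $bhoRel
    if (-not (Test-Path $key)) { continue }
    foreach ($sub in Get-ChildItem -Path $key) {
        $clsid = $sub.PSChildName
        $dll = $null
        foreach ($root in 'HKLM:\SOFTWARE\Classes\CLSID', 'HKLM:\SOFTWARE\Classes\Wow6432Node\CLSID', 'HKCU:\SOFTWARE\Classes\CLSID') {
            $inproc = Join-Path $root "$clsid\InprocServer32"
            if (Test-Path $inproc) { $dll = (Get-ItemProperty -Path $inproc).'(default)'; break }
        }
        Add-Finding 'BHO' $sub.Name $clsid $dll (Get-Sha256 (Resolve-ExePath $dll))
    }
}

# 3. The country value the sample reads for its geofence decision.
$geo = Get-ItemProperty -Path 'HKCU:\Control Panel\International\Geo' -ErrorAction SilentlyContinue
$geoSummary = if ($geo) { "Nation=$($geo.Nation) Name=$($geo.Name)" } else { 'not set' }
Write-Output "Geo\Nation value visible in this user context: $geoSummary"

if ($findings.Count -eq 0) { Write-Output 'No policy Run entries or BHO registrations found.' }
else { $findings | Format-Table Type, Name, Value, SHA256, MatchesReport -AutoSize -Wrap }
```

HKCU reflects only the user running the script, so repeat the run as each interactive user (or load their NTUSER.DAT) when hunting across a multi-user host. Because the sample deletes itself and the BHO is a dropped DLL rather than the original 21KB file, MatchesReport will usually be false even on an infected machine; treat any unexplained policy Run entry or BHO DLL outside Program Files or System32 as the finding, and submit the DLL's hash for a report of its own.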