General

  • Target

    ff672b6d51815ef9c86e163bfd23f1a5_JaffaCakes118

  • Size

    60KB

  • Sample

    240421-qyfd7scf25

  • MD5

    ff672b6d51815ef9c86e163bfd23f1a5

  • SHA1

    e4a08257258bc59d67992d762d60ea34f08a6b9d

  • SHA256

    5ec57873c7a4829f75472146d59eb8e44f926d9a0df8d4af51ca21c8cd80bace

  • SHA512

    d957e4e27e6eb10de02d032fbba52918dc9aa67c350b593463e9756fc8c91208a2065d35f13585b60414df5e19ed5f68aadbcb69630fc02b9a0201761064fd57

  • SSDEEP

    1536:OpPKoK6Scvp95XcMIbmA9Cm3o9bEkXHPv:OpPtTvJcMqCm3o9bEk/v

Malware Config

Extracted

Family

netdooka

C2

89.38.131.155

Targets

    • Target

      ff672b6d51815ef9c86e163bfd23f1a5_JaffaCakes118

    • Size

      60KB

    • MD5

      ff672b6d51815ef9c86e163bfd23f1a5

    • SHA1

      e4a08257258bc59d67992d762d60ea34f08a6b9d

    • SHA256

      5ec57873c7a4829f75472146d59eb8e44f926d9a0df8d4af51ca21c8cd80bace

    • SHA512

      d957e4e27e6eb10de02d032fbba52918dc9aa67c350b593463e9756fc8c91208a2065d35f13585b60414df5e19ed5f68aadbcb69630fc02b9a0201761064fd57

    • SSDEEP

      1536:OpPKoK6Scvp95XcMIbmA9Cm3o9bEkXHPv:OpPtTvJcMqCm3o9bEk/v

    Score
    8/10
    • Modifies Installed Components in the registry

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks