General

  • Target

    0a34efed2268834c226b00adb5c0613c_JaffaCakes118

  • Size

    2.3MB

  • Sample

    240430-vz54gade56

  • MD5

    0a34efed2268834c226b00adb5c0613c

  • SHA1

    ab7361df0f9ebe1caeadda8eec52f3e280ae8358

  • SHA256

    ed0a64e11ec3d1110efca4867159a62be50397a2743417b0d32273df098a98aa

  • SHA512

    e131d94af7e5b0372650683b7f98c9beb60457c3ddc8e2a48bf44a0ade4ef1e97185bd14d9e68757288611f12b17a9d05f5d6f00c63341baa86656256366aa70

  • SSDEEP

    49152:Lz071uv4BPMkibTIA5lCx7kvRWa4pCkc30JqMopiqxpP:NABq

Score
10/10

Malware Config

Targets

    • Target

      0a34efed2268834c226b00adb5c0613c_JaffaCakes118

    • Size

      2.3MB

    • MD5

      0a34efed2268834c226b00adb5c0613c

    • SHA1

      ab7361df0f9ebe1caeadda8eec52f3e280ae8358

    • SHA256

      ed0a64e11ec3d1110efca4867159a62be50397a2743417b0d32273df098a98aa

    • SHA512

      e131d94af7e5b0372650683b7f98c9beb60457c3ddc8e2a48bf44a0ade4ef1e97185bd14d9e68757288611f12b17a9d05f5d6f00c63341baa86656256366aa70

    • SSDEEP

      49152:Lz071uv4BPMkibTIA5lCx7kvRWa4pCkc30JqMopiqxpP:NABq

    Score
    10/10
    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks