General

  • Target

    263cb8bc40b625c631b97036ff42c206_JaffaCakes118

  • Size

    1.1MB

  • Sample

    240508-xh7bbacd72

  • MD5

    263cb8bc40b625c631b97036ff42c206

  • SHA1

    e0bfcb7cabe29f8ca8027837cbde9e356bc3854b

  • SHA256

    932bb249fdaf5f667b5961311848d88bf84c31243d37b468e464db0fa72581a8

  • SHA512

    9fbffc6c4c66336a8ede46a6197d7735a290d79409e1124573cded8eaac66cb32357077447e08777bd19d09d20714afba7c01630290b1fe7a3556e725e190719

  • SSDEEP

    24576:j7Ctms1zJU17bQV1j4INWE7lZ6ZmYxYLifdoDXG0lsvmWhs9OQp:j729zJGvgR4I57lZ6dGQiNW7s9OI

Malware Config

Targets

    • Target

      PCHome_download.html

    • Size

      784B

    • MD5

      bcec0e2637c60c61e564c10c13f70077

    • SHA1

      1ca7c615bbd41eda253b1fb2dd57191f17be116c

    • SHA256

      c9389b0370d5af112903f6fe648297068aff32c64bff90d3e0098a753329b08d

    • SHA512

      7a21fd610cd91c15cfac3d8a5ea7ac637ceefc0339226b98044d6eddcd97f2301394a4079d2bf35de413b0dd117c2ba87826bc309506270eab3d7ed451a46625

    • Score

      1/10

    • Target

      lhftpbak/sjbf.exe

    • Size

      1.1MB

    • MD5

      d1896c3c7b440fc3a7b350a283655046

    • SHA1

      8ab17e6a6a56325ecb2a39b7c26ef47d76c138c5

    • SHA256

      c49123abb1671f28168a2f9f2fce3926980a767b7aa407cd6b8718339a7e8826

    • SHA512

      e80e94e9725519e9470d438be7dff851cdc3efd331d7ef3ea003f721d6be758389eed5475a0c7295b8ae74cae85d070d4d0e7b99b506ea5db1d9d2970fc5e6e5

    • SSDEEP

      24576:UB/fTEd11S3sO8S/SqaICBELetEYNUpLhwa/s3BgFBvyqzfNWqWyyYXs2N5:q/fTEdPdovC+LeLUjwaeBgn62NayyYX3

    • ACProtect 1.3x - 1.4x DLL software

      Detects a file protected with the ACProtect packer.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
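The "UPX packed file" signature above is a static check, so it is worth seeing what it actually keys on. The following is an added example, not code from the original report or from the sandbox vendor: it parses the PE section table of a constructed, header-only PE32 image (the analysed sjbf.exe is not embedded) and reports the two indicators stock UPX leaves behind, the UPX0/UPX1/UPX2 section names and an empty first section (raw size 0, large virtual size) that the stub unpacks into at run time. The threshold logic and the sample section layouts are the author's assumptions for illustration.

```python
import struct

# Section names the stock UPX stub emits; modified builds often rename them.
UPX_SECTION_NAMES = {"UPX0", "UPX1", "UPX2"}


def pe_sections(data: bytes) -> list:
    """Return (name, virtual_size, raw_size) for each section of a PE image."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    # COFF header: NumberOfSections at +6, SizeOfOptionalHeader at +20;
    # the section table starts right after the optional header.
    num_sections = struct.unpack_from("<H", data, e_lfanew + 6)[0]
    opt_hdr_size = struct.unpack_from("<H", data, e_lfanew + 20)[0]
    table = e_lfanew + 24 + opt_hdr_size
    sections = []
    for i in range(num_sections):
        off = table + i * 40  # IMAGE_SECTION_HEADER is 40 bytes
        name = data[off:off + 8].rstrip(b"\0").decode("ascii", "replace")
        vsize, _vaddr, raw_size = struct.unpack_from("<III", data, off + 8)
        sections.append((name, vsize, raw_size))
    return sections


def upx_indicators(data: bytes) -> dict:
    """Static indicators of a UPX-style packer, without unpacking anything."""
    sections = pe_sections(data)
    names = [s[0] for s in sections]
    # Stock UPX leaves the first section with no raw data but a large virtual
    # size; the stub decompresses into it. Renamed builds keep that shape.
    first_empty = bool(sections) and sections[0][2] == 0 and sections[0][1] > 0
    return {
        "section_names": names,
        "upx_names": any(n in UPX_SECTION_NAMES for n in names),
        "empty_first_section": first_empty,
    }


def looks_upx_packed(data: bytes) -> bool:
    ind = upx_indicators(data)
    return ind["upx_names"] or ind["empty_first_section"]


def build_sample_pe(sections) -> bytes:
    """Constructed minimal PE32 header (not the analysed sample); only the
    fields the parser above reads are populated."""
    e_lfanew = 0x80
    dos = bytearray(e_lfanew)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    opt_hdr_size = 0xE0  # size of a PE32 optional header
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_hdr_size, 0x0102)
    table = b"".join(
        name.ljust(8, b"\0") + struct.pack("<IIII", vsize, vaddr, raw, rawptr) + bytes(16)
        for name, vsize, vaddr, raw, rawptr in sections
    )
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt_hdr_size) + table


# Constructed section layouts: stock UPX, a renamed UPX build, and a plain binary.
PACKED_PE = build_sample_pe([
    (b"UPX0", 0x30000, 0x1000, 0, 0),
    (b"UPX1", 0x12000, 0x31000, 0x11400, 0x400),
    (b".rsrc", 0x1000, 0x43000, 0xE00, 0x11800),
])
RENAMED_PE = build_sample_pe([
    (b".text", 0x30000, 0x1000, 0, 0),
    (b".data", 0x12000, 0x31000, 0x11400, 0x400),
])
CLEAN_PE = build_sample_pe([
    (b".text", 0x5000, 0x1000, 0x5000, 0x400),
    (b".data", 0x1000, 0x6000, 0x600, 0x5400),
])

if __name__ == "__main__":
    for label, image in (("packed", PACKED_PE), ("renamed", RENAMED_PE), ("clean", CLEAN_PE)):
        print(label, upx_indicators(image), looks_upx_packed(image))
```

Section names are the weakest of these indicators because a one-byte edit renames them, which is why the report's signature text says "UPX/modified UPX"; the empty-first-section shape survives renaming, and a hash of the decompression stub or per-section entropy would be stronger still. Treat this as triage, not proof: the same file also matched the ACProtect signature, so the packer stack may be layered.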
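Because an MBR write is the most consequential behaviour in this report, here is how an analyst would check a disk's first sector for exactly that kind of tampering. This is an added example, not code from the original report or from the sandbox: it parses a raw 512-byte MBR (boot signature, partition table, 32-bit disk signature, SHA-256 of the 440-byte bootstrap area) and diffs it against a known-good baseline. The baseline and tampered sectors are constructed inline; the bootstrap bytes and partition layout are the author's assumptions, not the contents written by sjbf.exe.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOTCODE_LEN = 440          # classic MBR: bootstrap code occupies bytes 0..439
DISK_SIG_OFF = 440          # 4-byte NT disk signature
PARTITION_TABLE_OFF = 446   # four 16-byte partition entries
BOOT_SIGNATURE = 0xAA55     # bytes 0x55 0xAA at offset 510, read little-endian


def parse_mbr(sector: bytes) -> dict:
    """Parse one raw 512-byte sector into the fields worth baselining."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("MBR must be exactly one 512-byte sector")
    if struct.unpack_from("<H", sector, 510)[0] != BOOT_SIGNATURE:
        raise ValueError("missing 0x55AA boot signature")
    partitions = []
    for i in range(4):
        off = PARTITION_TABLE_OFF + i * 16
        status, ptype = sector[off], sector[off + 4]
        lba_start, sector_count = struct.unpack_from("<II", sector, off + 8)
        if ptype != 0:  # type 0 means the slot is unused
            partitions.append({"index": i, "bootable": status == 0x80, "type": ptype,
                               "lba_start": lba_start, "sectors": sector_count})
    return {
        "bootcode_sha256": hashlib.sha256(sector[:BOOTCODE_LEN]).hexdigest(),
        "disk_signature": struct.unpack_from("<I", sector, DISK_SIG_OFF)[0],
        "partitions": partitions,
    }


def compare_mbr(current: bytes, baseline: bytes) -> list:
    """Return a list of human-readable findings; empty means no change."""
    cur, base = parse_mbr(current), parse_mbr(baseline)
    findings = []
    if cur["bootcode_sha256"] != base["bootcode_sha256"]:
        findings.append("bootstrap code changed")
    if cur["disk_signature"] != base["disk_signature"]:
        findings.append("disk signature changed")
    if cur["partitions"] != base["partitions"]:
        findings.append("partition table changed")
    return findings


def build_sample_mbr(bootcode: bytes, partitions) -> bytes:
    """Constructed sample MBR for the example; not taken from the analysed file."""
    sector = bytearray(SECTOR_SIZE)
    sector[:BOOTCODE_LEN] = bootcode[:BOOTCODE_LEN].ljust(BOOTCODE_LEN, b"\0")
    struct.pack_into("<I", sector, DISK_SIG_OFF, 0x1234ABCD)  # assumed disk signature
    for i, (bootable, ptype, lba_start, count) in enumerate(partitions):
        off = PARTITION_TABLE_OFF + i * 16
        sector[off] = 0x80 if bootable else 0x00
        sector[off + 4] = ptype
        struct.pack_into("<II", sector, off + 8, lba_start, count)
    struct.pack_into("<H", sector, 510, BOOT_SIGNATURE)
    return bytes(sector)


# Known-good baseline: a few plausible real-mode opcodes padded with NOPs,
# one bootable NTFS-type (0x07) partition starting at LBA 2048.
BASELINE_MBR = build_sample_mbr(b"\xfa\x33\xc0\x8e\xd0" + b"\x90" * 435,
                                [(True, 0x07, 2048, 204800)])
# Bootkit-style tamper: patch the first bytes of the bootstrap code with a
# jump to attacker code while leaving the partition table untouched, so the
# disk still boots and partitioning tools see nothing wrong.
TAMPERED_MBR = b"\xe9\x00\x01" + BASELINE_MBR[3:]

if __name__ == "__main__":
    print("baseline vs baseline:", compare_mbr(BASELINE_MBR, BASELINE_MBR))
    print("tampered vs baseline:", compare_mbr(TAMPERED_MBR, BASELINE_MBR))
```

On a live Windows host the sector comes from `\\.\PhysicalDrive0` opened for raw read (administrator required); on Linux, from `/dev/sda` or an acquired disk image. Only the bootstrap hash catches the tamper in the example above, which is the point: a bootkit keeps the partition table and boot signature valid, so a check that looks only at those will pass. Keep the baseline from a known-clean state (or from the vendor's stock bootstrap), since hashing a disk that was already infected just enshrines the implant.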

MITRE ATT&CK Enterprise v15

Tasks