General

  • Target

    39e89b2d52370e1ebd02acb99aee5ae3_JaffaCakes118

  • Size

    167KB

  • Sample

    240512-nr8fasdc2s

  • MD5

    39e89b2d52370e1ebd02acb99aee5ae3

  • SHA1

    a54ff4d60eb29ed5ee22e25182c1986a4f6b02b7

  • SHA256

    abcd39bfe06ab1741c6fdd7f040a372b13846a10a343de341bdc4fdb107c4a5c

  • SHA512

    ecda85677aaec2c59cc813a080767f1289a284769a7a2836766715a5b191d478249b0f3d137b981a6505001ba2dd3e81524e9e97cecfbd88b1913cfb2d7da72d

  • SSDEEP

    3072:+O4x0H3uHFU6Qm77WgXxXabhhrCNc8knTVx+x9Fnqv161pfeiEm:Gx0eF5QCKg5YhOy2xfa8wm

Targets

    • Target

      39e89b2d52370e1ebd02acb99aee5ae3_JaffaCakes118

    • QNodeService

      Trojan/stealer written in Node.js and spread via a Java downloader.

    • Executes dropped EXE

    • Modifies file permissions
